Breaking: Kaspersky Exposes NSA’s Worldwide, Backdoor Hacking of Virtually All Hard-Drive Firmware

Throughout the extended weekend, there had been rumors circulating around the blogosphere that a huge NSA hacking story—not originating via Edward Snowden—was about to break, and it was going to be a doozey. Sure enough, it’s all but “official,” per breaking news from Moscow-based Kaspersky Lab, one of the most highly-regarded cybersecurity firms in the world, via stories over the past few hours in Tuesday’s NY Times, Reuters and ARS Technica, among others, we’re now learning that America is the source of the greatest software exploitation (hacking) travesty ever reported.

As you’ll learn in the excerpted breaking stories, below, apparently, the NSA’s toolbox includes its ability to hack virtually every hard drive on the planet (even including those in “airgap” mode, unconnected to a network, via deviously-hidden code on data sticks); then, embed its code in the hard drive’s firmware, so securely and covertly that even a disk-wipe won’t erase the malware on the drive!

Let’s start off with the NY Times’ downplayed and propagandized version of the story (contrary to the NYT’s headline, a review of the Kaspersky Lab Report, available in full, below, indicates that, indeed, there were/are NSA-related hacks in the U.S. Ars Technica provides the most comprehensive and outstanding coverage of this story, which is linked and excerpted further down. Reuters, also linked and excerpted below, provides extremely convincing proof positive that this is a 14-plus-year-long story about the National Security Agency’s hacking efforts, which ARS Technica references as: “…the most advanced hacking operation ever uncovered…”)…

U.S. Embedded Spyware Overseas, Report Claims
By NICOLE PERLROTH and DAVID E. SANGER
New York Times (Page B1)
February 17th, 2015

SAN FRANCISCO — The United States has found a way to permanently embed surveillance and sabotage tools in computers and networks it has targeted in Iran, Russia, Pakistan, China, Afghanistan and other countries closely watched by American intelligence agencies, according to a Russian cybersecurity firm.

In a presentation of its findings at a conference in Mexico on Monday, Kaspersky Lab, the Russian firm, said that the implants had been placed by what it called the “Equation Group,” which appears to be a veiled reference to the National Security Agency and its military counterpart, United States Cyber Command.

It linked the techniques to those used in Stuxnet, the computer worm that disabled about 1,000 centrifuges in Iran’s nuclear enrichment program. It was later revealed that Stuxnet was part of a program code-named Olympic Games and run jointly by Israel and the United States.

Kaspersky’s report said that Olympic Games had similarities to a much broader effort to infect computers well beyond those in Iran. It detected particularly high infection rates in computers in Iran, Pakistan and Russia, three countries whose nuclear programs the United States routinely monitors…

The extensive NYT report continues on to note: “Some of the implants burrow so deep into the computer systems, Kaspersky said, that they infect the ‘firmware,’ the embedded software that preps the computer’s hardware before the operating system starts. It is beyond the reach of existing antivirus products and most security controls, Kaspersky reported, making it virtually impossible to wipe out.”

The report continues, “In many cases, it also allows the American intelligence agencies to grab the encryption keys off a machine, unnoticed, and unlock scrambled contents. Moreover, many of the tools are designed to run on computers that are disconnected from the Internet, which was the case in the computers controlling Iran’s nuclear enrichment plants.”

The report indicates that Kaspersky tracked “more than 60 [Equation Group] attack groups…in cyberspace…”, and “…the so-called Equation Group “surpasses anything known in terms of complexity and sophistication of techniques, and that has been active for almost two decades…”

# # #

Equation Group victims map (Source: Kaspersky Lab)

The NSA’s Equation Group has hacked the products of the following seven hard drive manufacturers (there were actually more than that on the Kaspersky list, but the other manufacturers have merged with the companies on this short list); essentially, this list represents companies that produce almost all of the hard drives in the world:

Maxtor
Seagate
Western Digital
Samsung
Toshiba
Hitachi
Micron

Forensics software displays some of the hard drives Equation Group was able to commandeer using malicious firmware. (Source: Kaspersky Lab via Ars Technica)

# # #

Ars Technica’s coverage of this story is nothing short of superb! I strongly recommend it. Unfortunately, due to usage restraints, I’m only excerpting a small portion of it…

How “omnipotent” hackers tied to NSA hid for 14 years—and were found at last
"Equation Group" ran the most advanced hacking operation
ever uncovered.

by Dan Goodin -
Ars Technica
Feb 16, 2015 11:00am PST

CANCUN, Mexico — In 2009, one or more prestigious researchers received a CD by mail that contained pictures and other materials from a recent scientific conference they attended in Houston. The scientists didn't know it then, but the disc also delivered a malicious payload developed by a highly advanced hacking operation that had been active since at least 2001. The CD, it seems, was tampered with on its way through the mail.

It wasn't the first time the operators—dubbed the "Equation Group" by researchers from Moscow-based Kaspersky Lab—had secretly intercepted a package in transit, booby-trapped its contents, and sent it to its intended destination…
…

Ars Technica lists the six pieces of Equation Group malware discovered by Kaspersky (from the Kaspersky Lab report; see full report, farther down)…

EquationLaser: an early implant in use from 2001 to 2004.
DoubleFantasy: a validator-style trojan designed to confirm if the infected person is an intended target. People who are confirmed get upgraded to either EquationDrug or GrayFish.

EquationDrug: also known as Equestre, this is a complex attack platform that supports 35 different modules and 18 drivers. It is one of two Equation Group malware platforms to re-flash hard drive firmware and use virtual file systems to conceal malicious files and stolen data.

GrayFish: the successor to EquationDrug and the most sophisticated of all the Equation Group attack platforms. It resides completely in the registry and relies on a bootkit to take hold each time a computer starts. Whereas EquationDrug re-flashed hard drives for six models, GrayFish re-flashed 12 classes of hard drives. GrayFish exploits a vulnerability in the CloneCD driver ElbyCDIO.sys—and possibly drivers of other programs—to bypass Windows code-signing requirements.

Fanny: A computer worm that exploited what in 2008 were two zero-day vulnerabilities in Windows to self-replicate each time an infected USB stick was inserted into a targeted computer. The main purpose of Fanny was to conduct reconnaissance on sensitive air-gapped networks. After infecting a computer not connected to the Internet, Fanny collected network information and saved it to a hidden area of the USB drive. If the stick was later plugged in to an Internet-computer, it would upload the data to attacker servers and download any attacker commands. If the stick was later plugged into the air-gapped machine, the downloaded commands would be executed. This process would continue each time the stick was switched between air-gapped and Internet-connected machines.

TripleFantasy: A full-featured backdoor sometimes used in tandem with GrayFish.

Comment Preferences

710 comments | Permalink

Tip Jar (421+ / 0-)

Recommended by:
Alumbrados, Angie in WA State, zzyzx, cslewis, jo fish, pundit, SteveLCo, raboof, decisivemoment, dalemac, El Zmuenga, AaronInSanDiego, native, PeterHug, Bob Love, DebtorsPrison, greenbird, Shockwave, sobermom, RFK Lives, Matilda, Bruce The Moose, geordie, TracieLynn, Cassandra77, ask, rabel, ovals49, ivote2004, sngmama, mollyd, PeteZerria, Nate Roberts, k9disc, manneckdesign, kharma, psnyder, Moody Loner, NYC Sophia, Dallasdoc, pat bunny, white blitz, niteskolar, DSC on the Plateau, penguins4peace, hazzcon, Diana in NoVa, zerelda, side pocket, Hillbilly Dem, Elwood Dowd, Deward Hastings, Steven D, mosesfreeman, llellet, Sol Fed Joe, Gowrie Gal, liamladdieo, Green Mountain Flatlander, Skennet Boch, Bluesee, Simian, jrooth, Elizabeth 44, joe shikspack, Sprinkles, bnasley, QueenOfTheFaeries, semiot, Betty Pinson, cville townie, flevitan, zemongoose, CitizenOfEarth, deben, Keith Pickering, coyote66, CTPatriot, eru, here4tehbeer, CharlesII, DarkScholar82, Brecht, rhutcheson, ColoTim, temptxan, Pablo Bocanegra, Klaus, dreamweaver1, riverlover, OllieGarkey, Chaddiwicker, cybersaur, G2geek, Kentucky Kid, zerone, defluxion10, Moderation, northsylvania, bethann, shopkeeper, JayRaye, Dumbo, glitterscale, JekyllnHyde, joynow, MJ via Chicago, wayoutinthestix, slatsg, pajoly, emmasnacker, sb, Laughing Vergil, Rogneid, hotheadCA, mooshter, bibble, psychodrew, mrkvica, dkmich, roses, on the cusp, Ender, Demeter Rising, Turbonerd, JesseCW, wil rizen, cynndara, lostinamerica, gerrilea, Clive all hat no horse Rodeo, Rhysling, Johnny Q, oceanview, Einsteinia, happymisanthropy, JVolvo, Zinman, wordwraith, ctsteve, Hastur, yoduuuh do or do not, 714day, SpecialKinFlag, tofumagoo, Shotput8, JerryNA, BlueInARedState, Take a Hard Left, pgm 01, Anthony Page aka SecondComing, Situational Lefty, goodpractice, sawgrass727, out of left field, geekydee, 3rdOption, AverageJoe42, pileta, truong son traveler, mauricehall, radarlady, Creosote, HarpboyAK, Loose Fur, Teiresias70, The Wizard, phillies, jazzizbest, orlbucfan, statsone, Ironic Chef, FrY10cK, Brian82, Lujane, dinotrac, Skyprogress, KDfrAZ, Chirons apprentice, All In, darleneh, bobcat41702, Charlie1350, broke neck, Terry S, jrmtour, BMScott, Sagebrush Bob, George3, GreatLakeSailor, ptressel, TKO333, Johnny Nucleo, turn blue, SouthernLiberalinMD, Shaylors Provence, The Free Agent, tommymet, Antitheist

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 02:34:17 AM PST
Well done, bobswern, as usual (83+ / 0-)

Recommended by:
decisivemoment, Shockwave, dinazina, ivote2004, kharma, psnyder, Dallasdoc, zerelda, xxdr zombiexx, corvo, dewtx, ChemBob, fixxit, GreyHawk, stevemb, Tool, martini, cardboardurinal, blueoasis, StrayCat, gooderservice, NearlyNormal, shaharazade, AllanTBG, One Pissed Off Liberal, yoduuuh do or do not, la urracca, dclawyer06, Shadowmage36, dconrad, bobswern, bewild, Don midwest, CroneWit, eparrot, triplepoint, BYw, rodentrancher, sydneyluv, cybrestrike, pvasileff, Losty, Caerus, Johnny Q, Teiresias70, Wolf10, DocG, DRo, MichaelNY, No one gets out alive, Laurel in CA, Mr Robert, jbob, eyo, HedwigKos, Demeter Rising, Fishtroller01, River Rover, The Marti, thanatokephaloides, Betty Pinson, cville townie, zemongoose, CTPatriot, Brecht, ColoTim, Moderation, defluxion10, glitterscale, Rogneid, mooshter, Alumbrados, dogemperor, lostinamerica, Clive all hat no horse Rodeo, oceanview, JVolvo, Shotput8, Take a Hard Left, pgm 01, Situational Lefty, radarlady, HarpboyAK

This is astounding. I don't know what to say. Wonder what the ramifications will be.

"Religion is what keeps the poor from murdering the rich."--Napoleon

by Diana in NoVa on Tue Feb 17, 2015 at 02:55:57 AM PST

Ramification #1: Open Source, Security, & Privacy (60+ / 0-)

Recommended by:
decisivemoment, TracieLynn, PeteZerria, Nate Roberts, kharma, Dallasdoc, DSC on the Plateau, JayBat, dewtx, stevemb, martini, Medium Head Boy, blueoasis, The Hindsight Times, AllanTBG, clinging to hope, yoduuuh do or do not, Shadowmage36, bobswern, TexasTwister, Don midwest, CroneWit, Ezekiel in Exile, Greyhound, rodentrancher, sydneyluv, cybrestrike, J M F, Losty, mookins, Caerus, enhydra lutris, Square Knot, SouthernLiberalinMD, MichaelNY, No one gets out alive, Laurel in CA, quill, Punditus Maximus, jbob, eyo, HedwigKos, Demeter Rising, thanatokephaloides, cville townie, Betty Pinson, CTPatriot, ColoTim, Moderation, defluxion10, renbear, Rogneid, Alumbrados, dogemperor, Clive all hat no horse Rodeo, oceanview, JVolvo, 3rdOption, radarlady, Creosote

The relevance of Open Source is about to come into focus for a whole new population. Of the ~5 billion computer/phone users on this planet, some larger chunk than heretofore will begin to pay attention to their information privacy and communication security --- and wake up to the importance of being able to read source code, or to be able to trust trustworthy people to read source code.

#3: ensure network neutrality; #2: ensure electoral inclusivity; #1: ensure ecosystemic sustainability. Follow @iVote4USA

by ivote2004 on Tue Feb 17, 2015 at 03:20:35 AM PST

[ Parent ]

Ramification #2: Open Source Firmware (60+ / 0-)

Recommended by:
decisivemoment, TracieLynn, PeteZerria, Nate Roberts, kharma, Dallasdoc, DSC on the Plateau, JayBat, jrooth, dewtx, stevemb, martini, Medium Head Boy, blueoasis, StrayCat, The Hindsight Times, AllanTBG, yoduuuh do or do not, Shadowmage36, bobswern, CroneWit, Ezekiel in Exile, Greyhound, BYw, rodentrancher, cybrestrike, J M F, Losty, mookins, samanthab, renbear, enhydra lutris, Square Knot, SouthernLiberalinMD, MichaelNY, Laurel in CA, quill, Punditus Maximus, Steve Masover, jbob, eyo, HedwigKos, patbahn, thanatokephaloides, Elizabeth 44, cville townie, Betty Pinson, CTPatriot, davelf2, ColoTim, Moderation, defluxion10, Rogneid, Alumbrados, dogemperor, Clive all hat no horse Rodeo, happymisanthropy, JVolvo, 3rdOption, radarlady

Technical community insiders will begin to drive the open source imperative down to drivers, firmware, and microcode.

#3: ensure network neutrality; #2: ensure electoral inclusivity; #1: ensure ecosystemic sustainability. Follow @iVote4USA

by ivote2004 on Tue Feb 17, 2015 at 03:22:21 AM PST

[ Parent ]

Ramification #3: Vendor Lockin gets stale, again. (48+ / 0-)

Recommended by:
zzyzx, native, PeteZerria, Nate Roberts, Dallasdoc, JayBat, G2geek, dewtx, stevemb, martini, Medium Head Boy, shaharazade, AllanTBG, linkage, yoduuuh do or do not, Shadowmage36, bobswern, CroneWit, Ezekiel in Exile, Greyhound, BYw, rodentrancher, cybrestrike, mookins, enhydra lutris, Square Knot, jbob, eyo, HedwigKos, patbahn, thanatokephaloides, cville townie, Betty Pinson, eru, CTPatriot, here4tehbeer, dreamweaver1, defluxion10, Moderation, Laughing Vergil, Rogneid, Alumbrados, dogemperor, Clive all hat no horse Rodeo, happymisanthropy, JVolvo, 3rdOption, radarlady

In every generation of technology, newbies get seduced in by the siren song of "free" and "easy".

Eventually they wake up to the myriad costs, risks, and woes that come from vendor lockin... and eventually those costs, risks, and woes grow so great that the now-savvy insist on some degree of freedom, choice, openness, standardization.

The cycle repeats... but the more times one has been burnt over the course of one's technology career, the brighter the lesson is seared into one's graymatter.

But now, for the first time in history, there is no larger than ever before pool of potential newbies. 2/3 of all humans have now had at least 1 round of digital technology experience.

Even your grandmother, and the kid in Rwanda, will have to learn to think, at least a bit, like a CIO does (or ought to).

Interesting times ahead.

#3: ensure network neutrality; #2: ensure electoral inclusivity; #1: ensure ecosystemic sustainability. Follow @iVote4USA

by ivote2004 on Tue Feb 17, 2015 at 03:30:26 AM PST

[ Parent ]
You think open source would have helped here? (25+ / 0-)

Recommended by:
rabel, manneckdesign, white blitz, NYFM, llellet, dogemperor, ChemBob, stevemb, Jim P, CharlieHipHop, linkage, dconrad, wilderness voice, Laughing Vergil, samanthab, Caerus, JamieH, Miggles, DRo, MichaelNY, sweatyb, eyo, thanatokephaloides, Subterra, Dbug

I really don't see how.

by i dont get it on Tue Feb 17, 2015 at 04:30:27 AM PST

[ Parent ]

Recursive UID! That is funny, thanks :D n/t (3+ / 0-)

Recommended by:
ewmorr, dogemperor, ivote2004

by eyo on Tue Feb 17, 2015 at 06:51:54 AM PST

[ Parent ]

well, "i dont get it" is at least being.... (3+ / 0-)

Recommended by:
eyo, Lujane, KDfrAZ

consistent, and pretty honest,

which is a lot more than we can say about most Republicans, can we ;)

Recursion, in the form of self-awareness or even just self-reference, can be the birth of consciousness....

...or at least mind blowing stack overflows :)

#3: ensure network neutrality; #2: ensure electoral inclusivity; #1: ensure ecosystemic sustainability. Follow @iVote4USA

by ivote2004 on Tue Feb 17, 2015 at 06:42:19 PM PST

[ Parent ]

Open source (4+ / 0-)

Recommended by:
dogemperor, CharlieHipHop, dconrad, Dbug

has all kinds of hidden security issues as well. This fairy tale that open source is somehow magically secure is just that. A fairy tale.

by JamieH on Tue Feb 17, 2015 at 09:40:39 AM PST

[ Parent ]

[citation needed] n/t (5+ / 0-)

Recommended by:
eyo, cville townie, Laughing Vergil, JVolvo, ivote2004

... there is always an easy solution to every problem -- neat, plausible and wrong. - H. L. Mencken

by renbear on Tue Feb 17, 2015 at 10:03:41 AM PST

[ Parent ]

But no citation needed for the absurd claim tha... (0+ / 0-)

But no citation needed for the absurd claim that open source would save the day? I'm sure the NSA could never figure out how to hide a Trojan horse or back door in a million lines of assembly code that most programmers couldn't even read. We're not talking about html or Python or even C++ that deep down the stack.

by CharlieHipHop on Tue Feb 17, 2015 at 06:53:41 PM PST

[ Parent ]

It's a Lot Harder (3+ / 0-)

Recommended by:
DontTaseMeBro, eyo, renbear

As Bruce Schneier has often commented on summarizing Snowden revelations, it's clear that any action taken to discourage the NSA has worked in reducing the chances NSA will get your data.

Open source would make it harder to hide NSA attacks inside the operating code. Not impossible, but harder. So less prevalent.

For example, Kaspersky would probably have exposed these NSA attacks much earlier. Or some other researchers would have, without even Kaspersky's resources.

"When the going gets weird, the weird turn pro." - HST

by DocGonzo on Tue Feb 17, 2015 at 07:33:17 PM PST

[ Parent ]

I disagree (0+ / 0-)

Recent very severe holes may have found their way in BECAUSE they were in open-source projects.

It's not like the old days when you had 10,000 lines of procedural code. Now it's millions of lines that can be impossible to backtrace thoroughly. The open source community does a great job of vetting code, but it's a double-edged sword. Anybody can contribute, and nobody sees the whole system, except maybe the NSA which has special tools at its disposal that the FOSS movement does not.

And in any case, we're not talking about software here. We're talking about firmware. I'm not sure I'd be at all comfortable with my firmware's embedded code being available as an open standard, frankly.

They tell me I'm pretty amusing from time to time working with 140 characters or less.

by CharlieHipHop on Tue Feb 17, 2015 at 07:54:39 PM PST

[ Parent ]

Disagree With What? (4+ / 0-)

Recommended by:
eyo, Don midwest, renbear, All In

You disagree that it's a lot harder? But it is. And proprietary code is also millions of lines, that are reviewed a lot less.

Also, there are few open source projects where "anybody" can contribute to the system, or rather where "anybody" does. Most that see their code used by more than trivial amounts of people outside the project itself are vetted by their core team, teams that are resistant to newcomers unless proven by (well evaluated) merit.

Contrast with proprietary projects, which are less stringent: someone hires, who's often not even a programmer and very rarely ever audits code, the rest work with the person. Separate security audits, if any, from the main development.

There is very little making proprietary code any different from open source, except the many more people reviewing the open source. That makes it overall more secure.

Just because there may have been some recent severe holes (which?) due to their project's source being open - and dependent on poor review - doesn't mean open source isn't overall more secure than proprietary. There are far more severe holes definitely in closed source, even recently, than in open source.

Also, firmware is software. The only difference nowadays is that firmware is stored in less volatile storage and is designed to be changed less often. With most storage becoming flash drives even for desktops, there's little distinction. We call the software in embedded devices "firmware", but it's still software. And even "hardware" is a fuzzy definition with increasingly reconfigurable hardware.

I don't see you making any convincing point that any kind of code is more secure because it's proprietary rather than open source.

"When the going gets weird, the weird turn pro." - HST

by DocGonzo on Tue Feb 17, 2015 at 08:05:54 PM PST

[ Parent ]

It appears from the article (0+ / 0-)

that the malicious code in at least one cited case was inserted AFTER everything else, through a package that went through the mail. What can be done to prevent that?

by strawbale on Wed Feb 18, 2015 at 10:11:40 AM PST

[ Parent ]

Insertion Protection (1+ / 0-)

Recommended by:
dinotrac

I think you're referring to:

In 2009, one or more prestigious researchers received a CD by mail that contained pictures and other materials from a recent scientific conference they attended in Houston. The scientists didn't know it then, but the disc also delivered a malicious payload developed by a highly advanced hacking operation that had been active since at least 2001. The CD, it seems, was tampered with on its way through the mail.

That means the attackers intercepted a CD in the mail undetected, which is pretty hard to avoid. However, the CD was sent either by the conference, or by an attendee. In neither case could the receivers be sure the CD wasn't infected when it was originally created, though it is claimed it was infected later. So the point of vulnerability was putting a CD of unknown integrity into a computer, not simply the vulnerable mail where it was actually infected. This is a common vulnerability: infected CDs, no matter where they were infected. You cannot trust media you receive from anyone, however friendly or benign they might be.

The protections start with rigorous caution in running any code received from anywhere. They should include hardware security that requires any changes to be signed with a crypto signature for access and probably logged back to the Internet database of the purported signer. In between should be comprehensive security included by the OS vendor (Apple, MS, Google, Blackberry) and yes, the FBI should do a much better job securing this property from the epic crime wave.

"When the going gets weird, the weird turn pro." - HST

by DocGonzo on Wed Feb 18, 2015 at 12:15:51 PM PST

[ Parent ]

Bingo. No untrusted media. (1+ / 0-)

Recommended by:
DocGonzo

LG: You know what? You got spunk. MR: Well, Yes... LG: I hate spunk!

by dinotrac on Wed Feb 18, 2015 at 01:26:48 PM PST

[ Parent ]
No Trusted Media (1+ / 0-)

Recommended by:
dinotrac

All media must be counted untrustworthy, including (especially) networks. Since the NSA in this story intercepted the USPS and tampered with its contents, it's certain the NSA is doing so on the far less regulated Internet, with fewer witnesses and other Federal jurisdictions. Even a crypto signed CD, its fingerprint received separately, could be generated by the NSA in the middle. Even easier on the Internet.

The calamity makes it impossible to trust anything. Especially when the NSA is embedding its spyware in most local storage media, as well as probably in most OSes (including "steganocrypto" in open source like Linux).

This episode should force us to confront the NSA and prohibit it from spying on at least American citizens, as per the Constitution. We should convert the NSA into actual defense from the "signals intelligence" that is actually robbing our liberty and our property.

Sadly I expect we'll just get used to the worse abuse by our own government, direct gateway to worse abuse in general.

"When the going gets weird, the weird turn pro." - HST

by DocGonzo on Thu Feb 19, 2015 at 10:20:59 AM PST

[ Parent ]
That's an overstatement. (0+ / 0-)

If you have the resources to manufacture and/or audit your own media, that can reasonably be trusted. You and I can't do that, but DoD can. So can a few others.

Most?
Nope.

LG: You know what? You got spunk. MR: Well, Yes... LG: I hate spunk!

by dinotrac on Thu Feb 19, 2015 at 01:33:58 PM PST

[ Parent ]

For most of us, nothing. For a well-funded (0+ / 0-)

security-conscious organization, scanning the media and removing executables, replacing any necessary bootstrap code with your own audited code. No external CDs, DVDs, for example could be permitted access to any devices beyond the scanners, and the media itself would be replace with "clean" media.

LG: You know what? You got spunk. MR: Well, Yes... LG: I hate spunk!

by dinotrac on Wed Feb 18, 2015 at 01:26:06 PM PST

[ Parent ]

We absolutely do -not- do... (1+ / 0-)

Recommended by:
wchever

...a good job of vetting code. In fact, Shellshock and Heartbleed are proof that we relied on the concept that someone was looking at it, when in reality, if it works, very few people actually check the code -- especially if the protocol is implemented in a language that's not "in style", so to speak.

At the end of the day though, this is a firmware hack, it's absolutely genius...and it still relied on bad human behavior to get past the air gap -- there's a reason why you do not take air-gapped work home, and why you do not plug in ANYTHING to a device on an air-gapped network that has been plugged in outside of it.

Everyday Magic
Any sufficiently advanced technology is indistinguishable from magic.
-- Clarke's Third Law

by The Technomancer on Tue Feb 17, 2015 at 08:06:38 PM PST

[ Parent ]

Thank you. (1+ / 0-)

Recommended by:
All In

This thread triggered me something terrible. I fought against this nonsense as a guru-level sysadmin in the late 90's, so much so that it burnt me out.

I just can't engage anymore. You'd think that posters on a liberal site wouldn't buy in to corporatist propaganda like that. I was a mess yesterday after reading the original posts, and have the shakes now, just reading the responses today. This is why I'm a massage therapist now, rather than a senior UNIX sysadmin. (Congratulations, corporate shills, you won! Take a victory lap, you earned it!)

Anyway. Ugh. Yes. Thank you. And sorry if that was oversharing.

... there is always an easy solution to every problem -- neat, plausible and wrong. - H. L. Mencken

by renbear on Wed Feb 18, 2015 at 11:06:19 AM PST

[ Parent ]

You're Welcome (2+ / 0-)

Recommended by:
All In, renbear

I'm glad you felt better reading what I wrote.

But yeah - if this common if misguided resistance to the well established security superiority of open source freaks you out that much, you're better off associating with massage therapists than with IT workers :).

"When the going gets weird, the weird turn pro." - HST

by DocGonzo on Wed Feb 18, 2015 at 12:55:18 PM PST

[ Parent ]

Ummm...No. That is not the claim so far as I can (0+ / 0-)

tell. Open source makes it possible for organizations with the will and resources to protect themselves by auditing the source.

That's a fairly small group (like D.o.D.), but the proposition is far from absurd.

LG: You know what? You got spunk. MR: Well, Yes... LG: I hate spunk!

by dinotrac on Wed Feb 18, 2015 at 01:23:14 PM PST

[ Parent ]

Heartbleed (0+ / 0-)

http://en.wikipedia.org/...

by ptressel on Thu Feb 19, 2015 at 03:03:02 PM PST

[ Parent ]
Another example -- WordPress (0+ / 0-)

Much as I like WordPress, it's a security nightmare. The cycle goes like this:

WordPress releases a patch to fix a security bug. Hackers, who are watching WordPress releases, quickly write up an exploit for the patched vuln. Exploit gets run against existing WordPress sites, as they can't upgrade as fast as the exploit can be deployed.

Since many WordPress sites are run by folks who are not trained sysadmins, they may not keep up with upgrades. And they may not notice they've been hacked right away. Their installation may be used in a botnet, or may have links to malware delivery sites inserted.

This cycle is not hypothetical -- it's well known and acknowledged. WordPress sites are advised to upgrade immediately when there's a new release.

by ptressel on Thu Feb 19, 2015 at 03:53:14 PM PST

[ Parent ]

What exactly do you mean by (13+ / 0-)

Recommended by:
renbear, thanatokephaloides, eyo, MichaelNY, cville townie, ColoTim, cybersaur, mrkvica, palantir, happymisanthropy, JVolvo, ivote2004, JerryNA

"all kinds of hidden security issues"?

Certainly, open source projects can have defects that can be exploited by bad actors. Just as proprietary software can have these kind of defects. The difference is that at least it's possible to audit open source software to find these defects. It's much harder to do that if you are looking at machine code, which is what you have to do with proprietary software.

Or are you suggesting that the NSA puts goodies into open source software? This isn't completely outlandish -- one of the major security subsystems in Linux got help from the NSA in creating it -- but people outside of the NSA can look in detail at what the NSA supplied, and analyze it for holes.

Do you have some particular expertise in this area that backs up what you're saying?

To be on the wrong side of Dick Cheney is to be on the right side of history.

by mbayrob on Tue Feb 17, 2015 at 10:36:28 AM PST

[ Parent ]

But the problem is- people who contribute to (2+ / 0-)

Recommended by:
decisivemoment, MichaelNY

open source projects, may have ulterior motives. They may leave open certain vulnerabilities, that they could exploit later.

by icemilkcoffee on Tue Feb 17, 2015 at 11:00:59 AM PST

[ Parent ]

Hint: there's a reason it's called OPEN. C'mon in! (15+ / 0-)

Recommended by:
Bluesee, cville townie, ColoTim, cybersaur, renbear, mrkvica, mbayrob, palantir, Demeter Rising, happymisanthropy, JVolvo, ivote2004, DocGonzo, JerryNA, FrY10cK

There are never too many eyes on open code. Looky: Linux Foundation Members

OS-SEC
Open Source Security Mailing List

Discussion of security flaws, concepts, and practices in the Open Source community
Alternative:
Microsoft Sec Notification Mailing List
Beware that MS often uses these security bulletins as marketing propaganda to downplay serious vulnerabilities in their products—note how most have a prominent and often-misleading "mitigating factors" section.
I polished off eight years of WinAdmin experience with an MCSE (NT4/2k) and promptly stopped using MS products. After working in the Financial Services industry I wish I could quit banks and insurance companies too, but oh well. At least there's Free software.
Peace

by eyo on Tue Feb 17, 2015 at 11:45:30 AM PST

[ Parent ]

Heartbleed (1+ / 0-)

Recommended by:
eyo

And yet Heartbleed still happened. The problem is just because it's open doesn't mean you or I have the capability of finding and fixing things like Heartbleed.

I used to use an encryption package called TrueCrypt. I loved it because it was open source (secure, right?). Now you can read what's left of this software here: http://truecrypt.sourceforge.net/

Don't blindly trust something just because it's open source.

Those who cannot remember the past are condemned to repeat it. George Santayana

by RAST on Tue Feb 17, 2015 at 05:25:37 PM PST

[ Parent ]

A few other factors at play as well, eh? (1+ / 0-)

Recommended by:
eyo

The development of TrueCrypt was ended in 5/2014 after Microsoft terminated support of Windows XP. Windows 8/7/Vista and later offer integrated support for encrypted disks and virtual disk images.

Don't blindly trust something just because it's open source.
Of course. The point of it being open is that you can look into it, see as deeply as you wish, and ask others for help when the going gets tough.
Sure, few may be literate in the language of a given package, and that's a good argument for why its better to trust in communities built around Open Standards and widely used languages, and build networks of trust and trustworthiness around our software tools.

But its really really really hard to read code when you're choosing to be blind.

Which brings us right back to where I started this thread....

Ramification #1: Open Source, Security, & Privacy (57+ / 0-)
The relevance of Open Source is about to come into focus for a whole new population. Of the ~5 billion computer/phone users on this planet, some larger chunk than heretofore will begin to pay attention to their information privacy and communication security --- and wake up to the importance of being able to read source code, or to be able to trust trustworthy people to read source code.

#3: ensure network neutrality; #2: ensure electoral inclusivity; #1: ensure ecosystemic sustainability. Follow @iVote4USA

by ivote2004 on Tue Feb 17, 2015 at 06:54:16 PM PST

[ Parent ]
After Heartbleed: Core Infrastructure Inititiative (1+ / 0-)

Recommended by:
FrY10cK

http://www.networkworld.com/...

This group has more than deep pockets. They use open source internally and as a component to deliver customer solutions. Each is capable of disciplined market measurement to assess the adoption of open source projects and has the project management skills to assess where resources need to be added to improve mission-critical quality.
This is a promising development, though it should be categorized as “says easy does hard.” All of these companies, especially Facebook, Google, IBM, Intel, and Microsoft, really understand open source software as well as anyone on the planet. But more than money, these companies will have to dedicate some of their best people, not just for a conference, but dedicate them to monitoring and measuring existing large-scale open source projects and look for the tips of the icebergs of new open source projects that have become critical components to internet infrastructure.

Open source projects regularly run into bugs and project delays. When this happens, it’s not uncommon for the most affected development teams to contribute a full-time developer or two to the project until it is back on track. It’s a self-sustaining system that has worked well. And hopefully the ad hoc cash and developer contributions will continue in parallel to the CII to build better project management skills in the community that will cope with the increasing scale and complexity of the open source projects that drive the internet.

http://www.linuxfoundation.org/...
Amazon Web Services, Cisco, Dell, Facebook, Fujitsu, Google, IBM, Intel, Microsoft, NetApp, Rackspace, VMware and The Linux Foundation Form New Initiative to Support Critical Open Source Projects
Linux is big business, that is the "community" now.

by eyo on Wed Feb 18, 2015 at 01:31:09 AM PST

[ Parent ]
I don't have the knowledge to analyze the source (2+ / 0-)

Recommended by:
eyo, renbear

code for the Bash shell or Truecrypt. But it is possible and someone did it which led to the discovery of vulnerabilities.

The same is not true of closed source software unless you work for the vendor or own the company.

Tar sands, fracking, and deep water drilling are expensive. Crude oil exceeded $100/bbl causing the financial crisis of 2007-08. NH₃ based fertilizer feeds an estimated ⅓ of the world with the Haber-Bosch process using natural gas as a feedstock.

by FrY10cK on Wed Feb 18, 2015 at 09:17:55 AM PST

[ Parent ]
OpenSSL is mostly closed (0+ / 0-)

Their source repo and development mailing lists are all closed off. All you get are code dumps when a new release is mode.

I use TLS wherever I can.

We want to build cyber magicians!

by VelvetElvis on Thu Feb 19, 2015 at 01:41:21 AM PST

[ Parent ]

Security issues are not always obvious (0+ / 0-)

Just because anyone can look at the code doesn't mean that the security issue will be noticed. Plus, any addition to the code by anyone who works on it can introduce a new security issue.

Most of the things talked about in that article were the NSA exploiting security issues in existing software, not the NSA building special NSA access into things that no one could see.

Open source people have always propagated the myth that open source code is more secure because everyone can look at it. But security is about WAY more than just having lots of people "looking at code".

by JamieH on Tue Feb 17, 2015 at 01:54:28 PM PST

[ Parent ]

Security is indeed more than that (2+ / 0-)

Recommended by:
ivote2004, eyo

Well run projects, therefore, have security specialists that know to look for certain kind of coding problems.

Depending on the project, and what language it's written in, there are certain classes of problems that lead to security issues. If you're programming in a language like C or C++, people can exploit things like buffer overruns, or playing games with items on the stack. Web projects have issues with preventing input in forms getting things executed by the javascript interpreter, or by the database server.

Things do get past people. And black hats and spies do indeed try to find out about these kind of problems without telling others about it. But security exploits that are really novel are very rare. Unless people are doing something that no one has heard about before, i.e., a previously unknown attack vector (today's report by the Kapersky people about firmware based attacks via disk drive was news to a lot of us), issues you see in security alerts fall into just a few classes. And novel issues are if anything, more of a problem for proprietary software.

I don't know if you've ever worked on open source software, but if you have, you'll be aware of what goes into QA of it, and how security related defects get discovered, fixed, and how various parts of the software chain get the fixes. It's a lot more than just "looking at the software".

To be on the wrong side of Dick Cheney is to be on the right side of history.

by mbayrob on Tue Feb 17, 2015 at 04:42:32 PM PST

[ Parent ]

But all of those things you mention are irrelevant (0+ / 0-)

Irrelevant to the argument of why open source is somehow superior that is.

All of those things you mention are all things that are standard practices in the QA of proprietary software and have been for decades.

The whole argument people keep bringing up for why open-source software is this magical unicorn of security is because of this theory that because anyone is allowed access to see the code then it must not be possible for security flaws to slip by everyone. Which is just a pile of crap. If that were true, Linux would be security-flaw free and that has clearly not been the case.

The reality is that the security of any system connected to the internet is extraordinarily difficult, and anyone who thinks their code is flawless is kidding themselves. That's why all of the major vendors issue regular security updates.

by JamieH on Tue Feb 17, 2015 at 10:59:17 PM PST

[ Parent ]

You are the one talking unicorns (1+ / 0-)

Recommended by:
renbear

It is a better model for the global development and distribution of software. The community already responded appropriately and is moving forward in case you didn't notice. Nothing is static.

If you think the closed model of development enriches more people, I'll agree to disagree. If you are talking about the likes of Facebook and Microsoft pretending their platforms are secure, I do agree with that but don't fault coders for corporate stupid.

by eyo on Wed Feb 18, 2015 at 02:01:16 AM PST

[ Parent ]

LOL (1+ / 0-)

Recommended by:
eyo

It's a DIFFERENT model for development and distribution of software. YOU think it's better. Lots of people think it isn't. I personally would quit working in software altogether before I ever touched an open source project.

by JamieH on Thu Feb 19, 2015 at 12:24:54 AM PST

[ Parent ]

Ever heard of Heartbleed? That was in an open s... (0+ / 0-)

Ever heard of Heartbleed? That was in an open source project. All your encryption are belong to us. It was a serious, serious problem that hid in plain sight for many years. There are many other examples, some more recent. Open source is great, but it's not a cure-all, and sometimes locked-down proprietary binaries are, in fact, more secure. Try rooting a BlackBerry if you don't believe me.

by CharlieHipHop on Tue Feb 17, 2015 at 06:58:05 PM PST

[ Parent ]

Security through obscurity (0+ / 0-)

is not best practice, at least according to the NIST, quoted from wiki:

Security through obscurity has never achieved engineering acceptance as an approach to securing a system, as it contradicts the principle of simplicity. The National Institute of Standards and Technology (NIST) in the United States specifically recommends against this practice: "System security should not depend on the secrecy of the implementation or its components."
Also I don't quite see the point in rooting a blackberry or what would drive efforts to do so at this point since their marketshare is dwindling and has been for a quite a while now.
I imagine that the number of folks talented enough to parse through disassembled binaries and determine exploitable proprietary code imparts an advantage to the long term exploitation of such code through lack of discovery by the public at large.

Even though source code might make it orders of magnitude easier to discover an exploit... the free availability of it does attract much more scrutiny. If you want evidence there's a whole document above from kaspersky describing the Equations Group's extensive use of proprietary software to develop lasting methods of espionage.

Simply citing a couple of longer lived vulnerabilities is not going to be enough to persuade me otherwise.

by MendJusticeForAll on Thu Feb 19, 2015 at 12:42:37 AM PST

[ Parent ]

It's not magic. (13+ / 0-)

Recommended by:
mbayrob, dogemperor, cybersaur, JVolvo, CharlieHipHop, ColoTim, cville townie, eparrot, palantir, renbear, MichaelNY, eyo, ivote2004

It's science. You want to audit the code? Audit the code. Hire a team of white hats to check the code and the code for the compiler then compile the compiler and code to verify security.

Proverbs 29:7 “The righteous care about justice for the poor, but the wicked have no such concern.”

by nightsweat on Tue Feb 17, 2015 at 10:54:40 AM PST

[ Parent ]

It's not that simple. we're talking about assem... (0+ / 0-)

It's not that simple. we're talking about assembly code, not app code. If the hardware is tampered with between the time your auditors audit it and the time it gets to the customer, there's fuck-all you can do about it. The solution is a combination of what you're talking about plus strongly encrypted firmware plus a secure bootrom. And that's assuming that they haven't already fiddled with your encryption algo and that your random number generator is truly random (See: Heartbleed, RSA, etc.)

by CharlieHipHop on Tue Feb 17, 2015 at 07:06:14 PM PST

[ Parent ]

Kaspersky Found It (5+ / 0-)

Recommended by:
ivote2004, eyo, FrY10cK, All In, renbear

Kaspersky found these attacks hidden in proprietary code. If the source were open, it would probably have been found earlier.

Heartbleed would probably have been exposed later if it were in closed code.

Nobody's saying that open source is a "magic cure all". We're just saying that it is more secure than closed source, not perfectly secure.

"When the going gets weird, the weird turn pro." - HST

by DocGonzo on Tue Feb 17, 2015 at 07:35:37 PM PST

[ Parent ]

It's not though (0+ / 0-)

Open source can be (but is not necessarily) more secure in app-layer code, but that's not what this is.

Heartbleed might never have happened if it were a closed standard. If you've got a ton of people contributing to an open-source project, the NSA can contribute too. Other (proprietary) SSL standards have not been p4wned like that.

GHOST was just a couple weeks ago. http://www.zdnet.com/...

Open-source is no more secure in today's world. It may be less secure because "hippyboypeacecoder"'s Git branch might just be run by the NSA, and hippyboypeacecoder may be very clever about how his buffer overflow vulnerability presents itself.

They tell me I'm pretty amusing from time to time working with 140 characters or less.

by CharlieHipHop on Tue Feb 17, 2015 at 07:48:43 PM PST

[ Parent ]

Might (2+ / 0-)

Recommended by:
eyo, renbear

Heartbleed might never have happened to proprietary source. OTOH, it very well might. Indeed, proprietary code overall is more likely to be compromised, because it's not just reviewed by a less diverse group but because its proprietary nature is still often mistakenly expected to protect it more than a diverse group of reviewers.

Look at the frequency you're talking about. Heartbleed many months ago. GHOST a few weeks ago. Meanwhile there are proprietary security holes reported weekly if not daily. Despite the proprietary holes being harder to find, so underreported.

hippyboypeacecoder@NSA.seagate.com (remove the .NSA spam protection) has been very successful with lots of proprietary code.

"When the going gets weird, the weird turn pro." - HST

by DocGonzo on Tue Feb 17, 2015 at 08:10:33 PM PST

[ Parent ]

check out the SWAMP project (0+ / 0-)

To put the torture behind us is, inevitably, to put it in front of us.

by UntimelyRippd on Tue Feb 17, 2015 at 07:42:48 PM PST

[ Parent ]
This is a serious question. (0+ / 0-)

I'm not a software engineer so pardon my ignorance. To be truly certain your program is free of vulnerabilities, do you have to audit the source for the compiler that you use to compile the compiler that you use to compile your program?

Or do you assume that if the compiler binary and it's source code came from the same FTP server/DVD/web site, the binary is free of vulnerabilities?

Tar sands, fracking, and deep water drilling are expensive. Crude oil exceeded $100/bbl causing the financial crisis of 2007-08. NH₃ based fertilizer feeds an estimated ⅓ of the world with the Haber-Bosch process using natural gas as a feedstock.

by FrY10cK on Wed Feb 18, 2015 at 09:28:52 AM PST

[ Parent ]

Yes and no (1+ / 0-)

Recommended by:
eyo

Bugs such as Heartbleed and Shellshock reveal how long problems can exist in open-source software. It is indeed a fairy tale that open-source software is some panacea, at least if we're talking about perfect security in terms of low-level bugs.

But what you're unlikely going to find in open-source software, at least for very long, is some obnoxious phone-home technology or bullshit backdoor. Closed source is an opportunity for vendors to be audacious, and history shows they've used that opportunity to full advantage.

Obviously we can't at present peek at all firmware and hardware designs, and we may never have that capability in the general sense of seeing what the firmware/hardware should be, let alone in the personal sense of seeing what we actually have ourselves, but quite frankly, anyone running the monstrosities that come out of places like Microsoft and Adobe deserve all they get.

by Sucker Politics on Tue Feb 17, 2015 at 08:58:00 PM PST

[ Parent ]
Who wrote that fairy tale? I've never heard it. (1+ / 0-)

Recommended by:
renbear

What open source does is provide parties possessing the requisite resources the ability to audit and modify code as needed.

That is not a fairy tale.

LG: You know what? You got spunk. MR: Well, Yes... LG: I hate spunk!

by dinotrac on Wed Feb 18, 2015 at 01:21:26 PM PST

[ Parent ]

you need open hardware. (8+ / 0-)

Recommended by:
JayBat, thanatokephaloides, MichaelNY, eyo, cville townie, zerone, dogemperor, middleagedhousewife

the boards and firmware designs need to be published
sold on the open market and you get the boards
separate from the drives and you need to be
able to get into the firmware....

by patbahn on Tue Feb 17, 2015 at 10:13:14 AM PST

[ Parent ]

If you did this ... (4+ / 0-)

Recommended by:
jrooth, MichaelNY, cville townie, dogemperor

people who are incredibly paranoid might have been able to defend against these attacks. But be realistic ... how many people would have checked that somebody hadn't altered their firmware?

by i dont get it on Tue Feb 17, 2015 at 10:18:01 AM PST

[ Parent ]

people few, large entities, most.... (8+ / 0-)

Recommended by:
renbear, MichaelNY, eyo, cville townie, ColoTim, dogemperor, JesseCW, NYFM

Look most people go, buy a box, off the shelf
at Best buy, plug it in.

It's how i got a back up disk for my laptop...

$200, there you go...

However, a big organization, say the US NRC or SEC
or DEA, they will have a full time IT staff and a full time
dedicated security team. Before new gear comes in,
they will go and say "Build it this way, use these code decks,
validate via"...

it's why in large organizations the IT teams install
the software to your desktop.

i suspect good sized universities, and research labs
will do this also

by patbahn on Tue Feb 17, 2015 at 10:23:47 AM PST

[ Parent ]

Auditing what's in software (11+ / 0-)

Recommended by:
renbear, MichaelNY, eyo, Bluesee, cville townie, cybersaur, Laughing Vergil, dogemperor, JVolvo, ivote2004, JerryNA

Open source projects can have defects, but it's hard to hide actual malware in files you can simply look at and read.

What's described here depends on proprietary software, since it's a lot easier to either compromise a company that produces hardware, or to simply force one of these companies to work with a government agency. If you don't have the source, it's pretty hard to find some kinds of malware.

Notice that several of the exploits described in the Ars Tecnica article depend on defects in Windows, a very large proprietary software system. That's not a coincidence. Windows is a very large haystack to hide your malware needles in.

To be on the wrong side of Dick Cheney is to be on the right side of history.

by mbayrob on Tue Feb 17, 2015 at 10:30:39 AM PST

[ Parent ]

I'm sure it's quite easy (1+ / 0-)

Recommended by:
dogemperor

to hide actual malware in files you can simply look at and read.

Considering the size of some projects, and the cleverness with which people can obfuscate code, the idea that malware couldn't hide in open source code seems frightfully naive to me.

With enough eyes, all bugs are shallow, unless all those eyes are assuming that someone else did the audit.

La majestueuse égalité des lois, qui interdit au riche comme au pauvre de coucher sous les ponts, de mendier dans les rues, et de voler du pain.

by dconrad on Tue Feb 17, 2015 at 11:45:16 AM PST

[ Parent ]

Most project won't accept a change like that (4+ / 0-)

Recommended by:
palantir, ivote2004, JerryNA, eyo

Coding standards are common, and any project that's used much has them. And well engineered code tends to be short and to the point. Code may be processed by computers, but it's meant to be read by human beings who will update or change it. Malware that seems to do something but does something else is hard to get past people who know the system they are working on.

So, no, not so easy to hide malware in any open source project that's used much. Someone needs to look at work getting added to the project. Often, the patch needs to get added with an automated test.

The problem with open source project isn't that people add malware to them. The problem is that some operations are subtle. and may assume that certain limits (say, how long a string or how many bytes you can add to some place in memory) that aren't really getting enforced. This is how you get exploits.

I don't know what your background is, but open source work (particularly in the Web and Unix world) has a certain way of doing things. The kind of problem you're talking about isn't much of a problem.

To be on the wrong side of Dick Cheney is to be on the right side of history.

by mbayrob on Tue Feb 17, 2015 at 04:27:05 PM PST

[ Parent ]

Open source (13+ / 0-)

Recommended by:
Johnny Q, MichaelNY, eyo, cville townie, renbear, palantir, dogemperor, happymisanthropy, JVolvo, DocGonzo, ivote2004, JerryNA, pgm 01

You think open source would have helped here?
I really don't see how.

Why do you suppose open source ever helps against malware (and it does)?
Open source helps against malware by leaving everything, not just a restricted API, open to examination by everybody. While this makes it easier to understand the inner workings of the code, more importantly, it strips the cover away that malware writers rely on to cover their tracks.

Closed-source payware software basically consists of a huge block of code marked "NO TRESPASSING" (and an End User Licensing Agreement or EULA, prohibiting reverse-engineering, that one must agree to in order to obtain usable access to that code), with an API, or Application Program Interface, which is all any user or outside developer gets access to.

While honest users will abide by the EULA, crooks won't; they make their own inroads into the Big Black Box (a rootkit) for their own nefarious ends. This is how almost all malware works.

Frankly, I'm ashamed of the hard-drive manufacturers. Flashable hard-disk firmware? How ridiculous! Get your code right the first time, and release no swine before its time! Sheesh!

"The greed, recklessness and illegal behavior of major Wall Street firms plunged this country into the worst financial crisis since the 1930s. They are too powerful to be reformed. They must be broken up." -- Senator Bernie Sanders (I-Vermont)

by thanatokephaloides on Tue Feb 17, 2015 at 10:53:46 AM PST

[ Parent ]

Open source does nothing of the sort as (2+ / 0-)

Recommended by:
dconrad, dogemperor

at one point a closed source compiler was probably used to compile the open source software if you go back in the chain far enough.

Remember, you have to trust the compiler that compiled the compiler that compiled the compiler that compiled the compiler that compiled the compiler that compiled the compiler that compiled the compiler that compiled the compiler that compiled the compiler that compiled the compiler that compiled your software.

You have watched Faux News, now lose 2d10 SAN.

by Throw The Bums Out on Tue Feb 17, 2015 at 11:39:12 AM PST

[ Parent ]

You missed the whole GNU generation I see. (10+ / 0-)

Recommended by:
thanatokephaloides, renbear, palantir, mbayrob, happymisanthropy, JVolvo, DocGonzo, ivote2004, JerryNA, pgm 01

Who doesn't use the GNU compiler? Proprietary software sellers, mostly.

Who contributes? Always room for more!

Contributors to GCC
The GCC project would like to thank its many contributors. Without them the project would not have been nearly as successful as it has been. Any omissions in this list are accidental. Feel free to contact law@redhat.com or gerald@pfeifer.com if you have been left out or some of your contributions are not listed. Please keep this list in alphabetical order.
[cut]

by eyo on Tue Feb 17, 2015 at 11:55:15 AM PST

[ Parent ]

Yes but what about the compiler that compiled (1+ / 0-)

Recommended by:
dogemperor

the early gcc versions before it was self hosting (could compile itself)?

You have watched Faux News, now lose 2d10 SAN.

by Throw The Bums Out on Tue Feb 17, 2015 at 12:35:12 PM PST

[ Parent ]

Pretty much the first thing a compiler compiles (2+ / 0-)

Recommended by:
mbayrob, eyo

is itself.

by palantir on Tue Feb 17, 2015 at 04:44:53 PM PST

[ Parent ]

But something still has to compile the (0+ / 0-)

first version. The only way to be sure would be to write a basic assembler and text editor using raw hex, then use that to assemble a better assembler until you can create a basic C compiler in assembly in order to compile gcc.

Even then you would still have to trust the hex editor and software you used to write the editor/assembler to disk.

You have watched Faux News, now lose 2d10 SAN.

by Throw The Bums Out on Tue Feb 17, 2015 at 04:53:26 PM PST

[ Parent ]

GNU compilers are often the first compiler (2+ / 0-)

Recommended by:
palantir, eyo

available for new hardware like processors. This has been the case going back nearly 20 years now.

I don't know how closely you work in the industry, but when Intel, AMD and others come up with new processors, typically the GNU C and C++ compilers are the very first available. They may later come up with their own compilers if they think the GNU versions don't showcase their hardware well enough, but in general, why do that? The open source compilers are really good, and even a large corporation like Intel or Apple will use them, because writing your own "tool chain" (compilers, linkers, build systems) is very labor intensive. Intel is good at making chips, not compilers.

To be on the wrong side of Dick Cheney is to be on the right side of history.

by mbayrob on Tue Feb 17, 2015 at 04:56:04 PM PST

[ Parent ]

Yes but what about the compiler that (0+ / 0-)

compiled the first version of gcc that was able to compile itself? I doubt they went as far as to write a basic assembler and text editor (as well as all necessary display, keyboard, and filesystem drivers) using raw hex input, then use that to assemble a better assembler until you can create a basic C compiler in assembly in order to compile gcc.

Even then you would still have to trust the hex editor and software you used to write the editor/assembler to disk.

You have watched Faux News, now lose 2d10 SAN.

by Throw The Bums Out on Tue Feb 17, 2015 at 05:05:52 PM PST

[ Parent ]

Now you're being silly (5+ / 0-)

Recommended by:
NYFM, DocGonzo, ivote2004, pgm 01, eyo

and yes, they are writing their own assemblers. To prevent licensing problems, these are "clean room" implementations. They are working from the processor manuals.

This isn't the "chicken and egg" problem you're making it out to be. The whole tool chain, beginning to end, has been available since before 1990 (the GCC compiler went 1.0 27 years ago). The GNU people do the chicken, the egg, the whole damn coop.

To be on the wrong side of Dick Cheney is to be on the right side of history.

by mbayrob on Tue Feb 17, 2015 at 06:09:36 PM PST

[ Parent ]

But what about their own MBR program, and (0+ / 0-)

their own keyboard/video/disk drivers? Because if they used a proprietary compiler or OS or even bootloader/BIOS to compile any part of the toolchain, even the very first version, then any part of it could be compromised. So you have to write your own bootloader, your own CPU microcode, make your own CPU hardware, your own video/hard drive/keyboard firmware, your own editor, your own assembler, and so on.

Remember, at one point gcc was compiled with a proprietary compiler or on a system with proprietary hardware and/or firmware and that is the point of vulnerability. Even if that was 30 years ago.

You have watched Faux News, now lose 2d10 SAN.

by Throw The Bums Out on Tue Feb 17, 2015 at 06:31:24 PM PST

[ Parent ]

That would be Linux n/t (3+ / 0-)

Recommended by:
NYFM, ivote2004, eyo

To be on the wrong side of Dick Cheney is to be on the right side of history.

by mbayrob on Tue Feb 17, 2015 at 07:34:20 PM PST

[ Parent ]

That is mostly theoretical nonsense (9+ / 0-)

Recommended by:
G2geek, thanatokephaloides, eyo, renbear, palantir, NYFM, DocGonzo, ivote2004, JerryNA

Yes, I'm familiar with Ken Thompson's "reflections on trusting trust" paper. Theoretically, it is very hard to know a piece of software is doing what it should. In practice, this would be very difficult to exploit without being detected (except on a local, isolated network, but those don't usually build all of their own software from source).

It is routine to compile a new compiler with an older compiler, or with several different compilers, to test correctness. They will not consist of the same binary object code, but the different builds of the same compiler must be able to generate the same binary code themselves.

On an isolated network, any discrepancy here might not be noticed, but to do this on a large scale to software used by millions of people would be inconceivable. That's why the NSA's attacks, as cloaked and stealthy as they were, were carefully targeted to a relatively small number of targets, as described in the article.

Don't hate the player, hate the meritocracy.

by cville townie on Tue Feb 17, 2015 at 01:23:31 PM PST

[ Parent ]

To be clear (4+ / 0-)

Recommended by:
thanatokephaloides, eyo, palantir, ivote2004

this limitation applies only to operations like this, NSA's Tailored Access Operations (TAO), which rely on compromising outside systems' security.

The PRISM and similar mass-surveillance programs were under a different division, Special Source Operations (SSO), and that dragnet ensnared just about everyone.

Don't hate the player, hate the meritocracy.

by cville townie on Tue Feb 17, 2015 at 02:21:48 PM PST

[ Parent ]

Actually... (0+ / 0-)

PRISM is not a mass-surveillance program, though there are mass-surveillance programs. There's been no evidence that such programs have targeted Americans or other Five Eyes citizens, let alone evidence that such programs are used routinely for that purpose.

We've heard (from the government) about an occasional bad apple spying on a spouse (every entity has bad apples); we've heard about five or six Muslim-Americans and don't have enough details to make anything of it; and we've heard about the unavoidable "incidental collection" that takes place (as it does in pretty much any intelligence or law-enforcement operation).

Nonetheless, several individuals in the media have profited handsomely from conflating legal foreign-intelligence operations with domestic illegalities.

by Sucker Politics on Tue Feb 17, 2015 at 09:23:25 PM PST

[ Parent ]

The gcc Source Code Is Open (2+ / 0-)

Recommended by:
ivote2004, eyo

Open source means that the compiled executable can be reverse-compiled back into source code, which can be compared with the original source code. Differences mean the evil compiler gets caught.

Yes, the reverse compiler could be compromised in a mirror image of the forward compiler. But it would be prohibitively difficult to sync the forward with the reverse compiler so that would always work on arbitrary code. Especially by even the NSA back in the early years of gcc, when the NSA budget was far tinier than it is today.

There is a purely theoretical argument in what you're saying. But in actual practice the open source does just what the post said.

Which is to make it far more difficult than closed source allows. Real security is about risks, statistical probabilities. Minimizing risks. Not absolutes and purely theoretical scenarios that the real world doesn't tolerate.

"When the going gets weird, the weird turn pro." - HST

by DocGonzo on Tue Feb 17, 2015 at 07:43:17 PM PST

[ Parent ]

Decompilers... (1+ / 0-)

Recommended by:
eyo

...don't generate the exact source that goes in -- the best you get is an idiomatic equivalent. They really only get used in security and reverse engineering work as it is -- the quick way to uncover a suspected bad compiler is comparing the md5sum output of a known good compiled binary to the md5sum output of the suspect binary compiled from the same source.

Everyday Magic
Any sufficiently advanced technology is indistinguishable from magic.
-- Clarke's Third Law

by The Technomancer on Tue Feb 17, 2015 at 08:18:57 PM PST

[ Parent ]

Idiomatic Equivalent (0+ / 0-)

You still compare the idiomatic equivalent regenerated source to the original source. They'll be close of the two directional compilers are both honest, and probably noticeably divergent if not. Indeed the idiomatic differences probably amplify source inconsistencies, easier to detect. The key is to test a varied enough group of source codes.

"When the going gets weird, the weird turn pro." - HST

by DocGonzo on Tue Feb 17, 2015 at 08:25:06 PM PST

[ Parent ]

Why flashable hard-disk firmware? (4+ / 0-)

Recommended by:
thanatokephaloides, renbear, DocGonzo, eyo

Unfortunately, companies make mistakes all the time. Seagate especially has made a lot of them in the past. The Barracuda 7200.11 model had a tendency to get into a state where it couldn't be accessed; they shipped a firmware which fixed the problem, and told users to install it themselves.

Thus avoiding tons of hard disks shipped back and forth at their expense, and making it the user's problem if they neglected to do so, rather than theirs to systematically RMA an entire batch of disks. Plus, if you got to the upgrade before your drive seized up, your data was safe and you didn't have to completely restore it from a backup.

Don't hate the player, hate the meritocracy.

by cville townie on Tue Feb 17, 2015 at 02:19:03 PM PST

[ Parent ]

a choice (3+ / 0-)

Recommended by:
mbayrob, ivote2004, eyo

Plus, if you got to the upgrade before your drive seized up, your data was safe and you didn't have to completely restore it from a backup.
So there's a choice: a flashable drive which could theoretically be invaded, or a reliably secure drive which can't be fixed if broken.
N.B. Folks needing the latter -- a drive unbreakably secure -- usually have their own hardware techs. So these folks should have the option for a drive whose firmware is written in a WORM ROM chip, mounted in a socket rather than soldered in place. If a patch is needed, such folks order the new WORM ROM IC from the factory, pull the old IC, and pop the new one in.

(WORM == Write Once Read Many.)

At this point, I'm talking about such things as the NSA itself, and our military.

"The greed, recklessness and illegal behavior of major Wall Street firms plunged this country into the worst financial crisis since the 1930s. They are too powerful to be reformed. They must be broken up." -- Senator Bernie Sanders (I-Vermont)

by thanatokephaloides on Tue Feb 17, 2015 at 02:41:20 PM PST

[ Parent ]

Getting Both (2+ / 0-)

Recommended by:
ivote2004, thanatokephaloides

Actually what's needed is a burned-in firmware bootloader that checks a crypto checksum on both flashing new firmware and each time running it. That compromise means bugs in the bootloader require new hardware, but that should be rare, especially in simple bootloaders that do nothing but flash, boot, and checksum.

"When the going gets weird, the weird turn pro." - HST

by DocGonzo on Tue Feb 17, 2015 at 07:46:37 PM PST

[ Parent ]

ramification #3: PAPER BALLOTS, dammit! (156+ / 0-)

Recommended by:
Thumb, Angie in WA State, zzyzx, cslewis, northsylvania, raboof, native, mimi, PeterHug, Pescadero Bill, nightsweat, TracieLynn, rabel, ovals49, sngmama, Nate Roberts, k9disc, manneckdesign, kharma, psnyder, Dallasdoc, mrkvica, white blitz, DSC on the Plateau, zerelda, side pocket, Steven D, TheOrchid, mosesfreeman, Sol Fed Joe, liamladdieo, Green Mountain Flatlander, Bluesee, Simian, tle, CTPatriot, Lying eyes, Simplify, dewtx, ChemBob, stevemb, Tool, brentut5, Tunk, sodalis, Joes Steven, bookwoman, Jim P, martini, Knucklehead, BachFan, Medium Head Boy, cybersaur, Prognosticator, blueoasis, NBBooks, DarkestHour, MJ via Chicago, StrayCat, gooderservice, lao hong han, PapaChach, middleagedhousewife, Persiflage, Alumbrados, dogemperor, lostinamerica, gerrilea, cynndara, happymisanthropy, rarely comments, Mike Kahlow, ivote2004, a gordon, DocGonzo, JerryNA, BlueInARedState, goodpractice

If NSA can do this, other interested parties can do other things that infect systems below the level of detection (e.g. bootloader viruses), regardless of open source operating systems and third-party security tools.

Any reliance on computers for voting or for counting votes, is a great big target just begging to be thoroughly exploited.

One vote here, one vote there, a few votes in a key precinct, can change an election outcome. Even a national one.

The only truly secure voting system consists of paper ballots, counted by hand, with the counting process under constant supervision by internet-connected cameras that anyone can watch via a web page.

If that means waiting a day or two for election results, so be it. Impatience and convenience are evil twins that have no place in the most important exercise of our democracy.

"Let" = "make." Inaction is action. In Taoist terms, "not-doing is doing."

by G2geek on Tue Feb 17, 2015 at 04:39:10 AM PST

[ Parent ]

I continue to be perplexed by the thoughtless a... (55+ / 0-)

Recommended by:
Thumb, cslewis, RFK Lives, TracieLynn, Nate Roberts, k9disc, kharma, psnyder, mrkvica, zerelda, side pocket, G2geek, CTPatriot, eightlivesleft, dewtx, fixxit, stevemb, Tool, Jim P, martini, Prognosticator, ERTBen, linkage, yoduuuh do or do not, Shadowmage36, wilderness voice, bobswern, Don midwest, mconvente, T Maysle, Caerus, Johnny Q, Betty Pinson, DRo, SouthernLiberalinMD, MichaelNY, Laurel in CA, Catskill Julie, Punditus Maximus, robing1151, lunachickie, Bisbonian, eyo, patbahn, aprimo224, Elizabeth 44, dogemperor, gerrilea, cynndara, JVolvo, happymisanthropy, rarely comments, wenchacha, JerryNA, goodpractice

I continue to be perplexed by the thoughtless adoption of electronic voting systems, which make no sense on any level I can see. Especially in places like NY, which had used inherently tamper resistant voting machines for a century.

by solublefish on Tue Feb 17, 2015 at 05:29:32 AM PST

[ Parent ]

because "computers are cool." (42+ / 0-)

Recommended by:
StrayCat, k9disc, ozsea1, eightlivesleft, psnyder, PapaChach, rabel, dewtx, DRo, Joieau, Nate Roberts, bill dog, Shadowmage36, CroneWit, linkage, bewild, raboof, eyo, stevemb, cslewis, J M F, shaharazade, Punditus Maximus, side pocket, yoduuuh do or do not, Laurel in CA, Tool, MichaelNY, dconrad, Simplify, Bisbonian, Betty Pinson, CTPatriot, Mogolori, bobswern, mrkvica, dogemperor, lostinamerica, cynndara, wenchacha, JerryNA, goodpractice

Computers are good, so more computers are better than fewer, and even more computers are even better.

Everything has to have computers in it, like the omnipresent Spam in the Monty Python skit.

Computers in your car, in your fridge, in your clothes washer, in your clothes, in your toilet... seriously.

Here's how to calibrate your bullshit detector:

Substitute the word motor or motorized when you see "computer" or "internet" or "cloud," and see if it sounds wacko.

For example "...motorized salt-shakers."

Motors are good, right?, so the more motors the better. Therefore put motors in everything!

See how that works?

"Let" = "make." Inaction is action. In Taoist terms, "not-doing is doing."

by G2geek on Tue Feb 17, 2015 at 05:58:48 AM PST

[ Parent ]

More like, "because people are stupid". (19+ / 0-)

Recommended by:
nchristine, Joieau, Nate Roberts, linkage, stevemb, cslewis, shaharazade, Prognosticator, Qwisp, yoduuuh do or do not, Bisbonian, Betty Pinson, G2geek, bobswern, mrkvica, JVolvo, happymisanthropy, DocGonzo, JerryNA

Which is amply demonstrated by the fact that the electronic voting machine providers haven't been thrown into the deepest darkest dungeon. Along with all the politicians who support them.

I am become Man, the destroyer of worlds

by tle on Tue Feb 17, 2015 at 06:43:23 AM PST

[ Parent ]

Actually... (0+ / 0-)

... one could, cynically but reasonably, make the argument that "people are stupid" from the fact that so many Americans still bother to vote at all.

by Sucker Politics on Tue Feb 17, 2015 at 09:31:57 PM PST

[ Parent ]

and because Diebold is Diebold (27+ / 0-)

Recommended by:
corvo, shaharazade, Stude Dude, liamladdieo, side pocket, Thumb, blueoasis, ewmorr, Losty, AllanTBG, Tool, MichaelNY, Bisbonian, flevitan, Betty Pinson, CTPatriot, northsylvania, G2geek, bobswern, mrkvica, gerrilea, JVolvo, happymisanthropy, JerryNA, goodpractice, Don midwest, lunachickie

Diebold

In August 2003, Walden O'Dell, then the chief executive of Diebold, announced that he had been a top fund-raiser for President George W. Bush and had sent a get-out-the-funds letter to 100 wealthy and politically inclined friends in the Republican Party, to be held at his home in a suburb of Columbus, Ohio.
In December 2005, O'Dell resigned following reports that the company was facing securities fraud litigation surrounding charges of insider trading.

In March 2007, it was reported by the Associated Press that Diebold was considering divesting itself of its voting machine subsidiary because it was "widely seen as tarnishing the company's reputation".

Ohio: 2004 US election voting controversies
DNC Services (haha good one): opensecrets.org, Diebold

by eyo on Tue Feb 17, 2015 at 09:23:12 AM PST

[ Parent ]

Round about 2004, it became declasse to (43+ / 0-)

Recommended by:
zzyzx, cslewis, RFK Lives, kharma, stevemb, Tool, mlleelizabeth, Jim P, Prognosticator, blueoasis, shaharazade, AllanTBG, linkage, yoduuuh do or do not, wilderness voice, bewild, Don midwest, cybrestrike, T Maysle, Johnny Q, freesia, enhydra lutris, Punditus Maximus, lunachickie, WheninRome, eyo, Qwisp, bygorry, Betty Pinson, Pablo Bocanegra, protectspice, G2geek, Mogolori, bobswern, mrkvica, gerrilea, wordwraith, cynndara, JVolvo, happymisanthropy, rarely comments, DocGonzo, goodpractice

talk about problems with electronic voting. On the same level with talking about Area 51.

It was round about that same time that the term "Truther" was coined. What's great about talking about people who hold certain views and ask certain questions with contempt is that eventually, most people just stop talking about the issue in question--no matter what their views are.

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Tue Feb 17, 2015 at 07:47:49 AM PST

[ Parent ]

The whole situation needs to be (16+ / 0-)

Recommended by:
Unduna, corvo, Johnny Q, Bisbonian, G2geek, Mogolori, bobswern, eyo, robing1151, mrkvica, dogemperor, JVolvo, SouthernLiberalinMD, goodpractice, Don midwest, lunachickie

revisited, in earnest. To do anything else, election-wise, before addressing this screaming vulnerability, is deluded. Might as well be rearranging deck chairs on the Titanic.

I think many people were intimidated by the sheer scope of the problem, and simply hoped that "our" hackers were better than " their" hackers. But that is not very comforting, and it's irresponsible, too.

Damn the notion of "propietary software", and no paper-trail receipts, when it comes to our elections! The whole system is no doubt rotten, and ripe for tampering, with oversight entrusted to all these crooked Secretaries of States. What a daunting mess!

What's done to one may come to all; United We Stand...

by Prognosticator on Tue Feb 17, 2015 at 10:37:40 AM PST

[ Parent ]

Yes, I think so too. (2+ / 0-)

Recommended by:
Prognosticator, lunachickie

There certainly is an obstacle course erected between us and representative government.

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Tue Feb 17, 2015 at 06:58:52 PM PST

[ Parent ]

Yes, it was rather regressive (14+ / 0-)

Recommended by:
Pablo Bocanegra, northsylvania, G2geek, Mogolori, bobswern, mrkvica, Johnny Q, cynndara, JVolvo, happymisanthropy, SouthernLiberalinMD, Don midwest, lunachickie, Prognosticator

Suddenly our dear DC Dem leaders and their kool kidz thought it was no longer hip to talk about the science of vote hacking and election fraud forensics.

A Right Without A Remedy Is No Right At All

by Betty Pinson on Tue Feb 17, 2015 at 12:43:36 PM PST

[ Parent ]

Pissed me off at the time, and yet, thru all the (10+ / 0-)

Recommended by:
bobswern, eyo, mrkvica, G2geek, Johnny Q, happymisanthropy, SouthernLiberalinMD, goodpractice, Don midwest, Prognosticator

exposed shenanigans in the security, financial and diplomatic sectors over the past seven or so years, I confess to not giving digital voter fraud a lot of thought. I've been more focused on de-registration of under resourced folks, and on the corrosive impacts of Citizens United. In fact, all the revelations are cause for redoubled alarm.

Our electoral system needs comprehensive repair. This is a reminder to think of the problem holistically.

"And now we know that government by organized money is just as dangerous as government by organized mob." -- FDR

by Mogolori on Tue Feb 17, 2015 at 02:26:05 PM PST

[ Parent ]
No kidding. (2+ / 0-)

Recommended by:
lunachickie, Prognosticator

The implication was that we were making everyone else look bad with our crazy claims.

Nowadays, those claims don't even look out-of-the-way, given some of the crazy shit that has turned out to be true.

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Tue Feb 17, 2015 at 07:00:38 PM PST

[ Parent ]

It sounds wacky (3+ / 0-)

Recommended by:
SouthernLiberalinMD, DocGonzo, lunachickie

but that's just because it's off the cuff:
What if the Powers-That-Be(™) are encouraging, even planting, tinfoil hat style obviously silly theories and people for the purpose of preemptively discrediting legitimate criticism?

by doh1304 on Tue Feb 17, 2015 at 01:43:44 PM PST

[ Parent ]

the convergence of self-interested actors. (2+ / 0-)

Recommended by:
DocGonzo, BvueDem

There's no need for a deliberate plan, all it takes is self-interested actors doing what they do.

"Let" = "make." Inaction is action. In Taoist terms, "not-doing is doing."

by G2geek on Tue Feb 17, 2015 at 04:50:44 PM PST

[ Parent ]

Yes (0+ / 0-)

but what I'm talking about could easily be opportunism.
Let's use GMO crops as an example: Modifying corn to give bigger yields is a good idea, but modifying corn to require expensive fertilizer to grow is evil. Now say that people start complaining that their corn won't grow unless they buy the expensive fertilizer, and some nuts start saying genetically modified corn is a plot by aliens from the planet Quark to turn everyone into cactuses. You could defend your plot to makee corn farmers dependent on your fertilizer by lying about your intentions, or you could point to the loonies and yell,"See? Only loonies are against us!"

by doh1304 on Tue Feb 17, 2015 at 06:23:02 PM PST

[ Parent ]

You mean the Tea Party? (2+ / 0-)

Recommended by:
DocGonzo, Don midwest

I swear to God that's what they look like to me.

When that's what resistance to the status quo looks like, the plutocrats have things well in hand.

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Tue Feb 17, 2015 at 07:02:36 PM PST

[ Parent ]
Disinfo Campaigns (2+ / 0-)

Recommended by:
Don midwest, Prognosticator

The value of such a campaign is so large and obvious, with our intel agencies so corrupt, powermad and funded that it's hard to imagine that they don't do so.

"When the going gets weird, the weird turn pro." - HST

by DocGonzo on Tue Feb 17, 2015 at 07:48:36 PM PST

[ Parent ]
There's a name for that (2+ / 0-)

Recommended by:
Prognosticator, SouthernLiberalinMD

it's called "well-poisoning".

encouraging, even planting, tinfoil hat style obviously silly theories and people for the purpose of preemptively discrediting legitimate criticism?
Alex Jones built an entire career on it.

"Counting on people having nowhere else to go is the logic of a slumlord."--Wolf10

by lunachickie on Wed Feb 18, 2015 at 09:13:25 AM PST

[ Parent ]

Funny, when I think of well-poisoning (1+ / 0-)

Recommended by:
lunachickie

I think of a more complex

two-step process.

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Wed Feb 18, 2015 at 06:57:20 PM PST

[ Parent ]

Oh, I don't know, (1+ / 0-)

Recommended by:
SouthernLiberalinMD

there are surely a couple different varieties of "process", depending on which "side" one may fall on ;)

"Counting on people having nowhere else to go is the logic of a slumlord."--Wolf10

by lunachickie on Wed Feb 18, 2015 at 07:14:22 PM PST

[ Parent ]

funny how that works, isn't it? (6+ / 0-)

Recommended by:
bobswern, eyo, mrkvica, cynndara, Don midwest, Prognosticator

The bigger the elephant turd in the middle of the living room rug, the bigger the no-talk rule to deny its existence.

See also, how many people expressing their outrage in this diary, also use GMail or Google Voice.

"Grandma, what big eyes you have!"

"The better to see you with, my dear..."

"Let" = "make." Inaction is action. In Taoist terms, "not-doing is doing."

by G2geek on Tue Feb 17, 2015 at 02:07:15 PM PST

[ Parent ]

Ahh the Google bugaboo. (1+ / 0-)

Recommended by:
SouthernLiberalinMD

Get back to me when Google can arrest me and charge me under the Espionage Act of 1917...

"If you're in a coalition and you're comfortable, you know it's not a broad enough coalition /= GTFO" Dr. Bernice Johnson Reagon + JVolvo

by JVolvo on Tue Feb 17, 2015 at 06:07:28 PM PST

[ Parent ]

I find it irritating that Google can see me (2+ / 0-)

Recommended by:
JVolvo, Don midwest

Like having a used car salesman break into your house and sit there giving you his spiel and refusing to go away. Meanwhile rummaging through your underwear drawer.

But it's really much worse when Tony Soprano breaks into your house. Or the Stasi, or whoever these bastards think they are.

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Tue Feb 17, 2015 at 07:05:10 PM PST

[ Parent ]
Worse than Nothing (1+ / 0-)

Recommended by:
SouthernLiberalinMD

While Big Brother government is worse than Big Brother Inc, the corporate omniscience is far too bad to tolerate.

"When the going gets weird, the weird turn pro." - HST

by DocGonzo on Tue Feb 17, 2015 at 07:49:41 PM PST

[ Parent ]

Thank you for connecting the dots...I had almost (3+ / 0-)

Recommended by:
happymisanthropy, SouthernLiberalinMD, lunachickie

forgotten how they manipulated public opinion on this subject.

-7.62; -5.95 The scientists of today think deeply instead of clearly. One must be sane to think clearly, but one can think deeply and be quite insane.~Tesla

by gerrilea on Tue Feb 17, 2015 at 05:21:30 PM PST

[ Parent ]

Sure. (2+ / 0-)

Recommended by:
gerrilea, lunachickie

It's one of those things I'll never forget.

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Tue Feb 17, 2015 at 07:05:41 PM PST

[ Parent ]

The argument is "disability assistance" (12+ / 0-)

Recommended by:
eyo, stevemb, Garrett, corvo, Stude Dude, Prognosticator, Another Grizzle, Betty Pinson, mrkvica, dogemperor, cynndara, JerryNA

It's a valid argument, as far as at goes. It doesn't go very far.

If electronic voting, then Internet voting.
If secure voting, then paper ballots.

If the goal is the advantages of technology assistance for the blind, for those with visual impairments, for others who had trouble with the standard paper ballot, then Internet voting gives more advantages than any expensive Diebold machine. This, of course, is supposing that it's more feasible to spend a fortune on Diebold machines rather than adapting the paper ballot with readers or alternate booths, which is absurd on its face.

If the goal is secure ballots, the locked ballot box is better than the uploaded flash card, every time.

"Th' abuse of greatness is when it disjoins/ Remorse from power" -- Shakespeare, Julius Caesar II i 18-9

by The Geogre on Tue Feb 17, 2015 at 08:58:18 AM PST

[ Parent ]

you can use paper for 90% (8+ / 0-)

Recommended by:
Laurel in CA, Prognosticator, The Geogre, eyo, happymisanthropy, memiller, JerryNA, lunachickie

of the voters and have one or two electronic stations
for the disabled.

design the electronic stations to handle all the
"Issues" but spit out a paper ballot and let the
elderly or their assistant inspect it.

by patbahn on Tue Feb 17, 2015 at 10:16:07 AM PST

[ Parent ]

Here in Oregon we have mail-in ballots (8+ / 0-)

Recommended by:
G2geek, eyo, mrkvica, Johnny Q, cynndara, JerryNA, goodpractice, Prognosticator

which are completely disabled-friendly, with drop off stations all through the city so we don't pay postage if we don't want to. Paper ballots, marked in the privacy of our own homes. I do't know if they are computer read and counted, but at least the 'paper trail' is there, literally, to be checked if anyone has any doubts. No lines, lots of early voting (we get them at least 2 weeks in advance) and available to all registered voters.

Trying for sanity in an insane world.

by QueenOfTheFaeries on Tue Feb 17, 2015 at 12:40:45 PM PST

[ Parent ]

That's just too easy (0+ / 0-)

It actually encourages the majority of people to vote.

by cynndara on Tue Feb 17, 2015 at 06:11:02 PM PST

[ Parent ]

however, that's still sufficient to... (3+ / 0-)

Recommended by:
eyo, lunachickie, Prognosticator

... put elections at risk.

Even one computerized voting machine is sufficient.

All it takes is one or two flipped votes in each of a number of precincts, to alter an election result.

"Headline news! Disabled voters lean Republican!"

"Let" = "make." Inaction is action. In Taoist terms, "not-doing is doing."

by G2geek on Tue Feb 17, 2015 at 02:16:38 PM PST

[ Parent ]
In Michigan, we have one Auto-mark machine in (0+ / 0-)

every precinct -- visually impaired voters can use it to mark a paper ballot, which then gets tabulated along with all the rest. It is a bit clunky to use, but we are due for another generation of voting hardware soon, and I hear there are dramatic improvements.

Mark E. Miller // Kalamazoo Township Trustee // MI 6th District Democratic Chair

by memiller on Tue Feb 17, 2015 at 08:29:09 PM PST

[ Parent ]

And polling places are handicap accessible (7+ / 0-)

Recommended by:
G2geek, eyo, mrkvica, dogemperor, memiller, JerryNA, Prognosticator

You don't even have to get out of your car.

Bipartisan election judges will bring the ballot to you and assist you in marking it.

Anyone who thinks internet voting is a good idea knows absolutely nothing about computers or the internet.

A Right Without A Remedy Is No Right At All

by Betty Pinson on Tue Feb 17, 2015 at 12:46:21 PM PST

[ Parent ]
there are ways to accommodate disabled voters... (8+ / 0-)

Recommended by:
mrkvica, ERTBen, eyo, happymisanthropy, JerryNA, Teiresias70, lunachickie, Prognosticator

... without creating the potential for election tampering.

1) Ballots printed with very large fonts. These will work for people who have age-related or similar visual impairment but who are not blind.

2) Ballots printed with Braille as well as conventional text. These will work for blind folks who read Braille.

3) Mechanical devices to mark printed ballots. This for people who are paralyzed and use assistive devices with any means of controlling an interface. Insert paper ballot, use whatever interface one has to control a mechanical X-Y-axis device to mark a ballot. Visually (or Braille) observe that the ballot is being marked correctly.

And surely the disability-rights community can come up with solutions for less-common needs, that don't entail vulnerabilities to hacking.

As for "oh the cost!," the answer is, we do not spare expenses for national defense, and the defense of our voting system against the risk of cyberattack is a clear national defense need.

"Let" = "make." Inaction is action. In Taoist terms, "not-doing is doing."

by G2geek on Tue Feb 17, 2015 at 02:14:50 PM PST

[ Parent ]

I'm not (11+ / 0-)

Recommended by:
nchristine, corvo, shaharazade, Prognosticator, Thumb, Johnny Q, Pablo Bocanegra, G2geek, eyo, mrkvica, happymisanthropy

perplexed by it at all. I don't know why anyone would be.

What perplexes me is why it's permitted to continue, particularly in the face of something like this.

"Counting on people having nowhere else to go is the logic of a slumlord."--Wolf10

by lunachickie on Tue Feb 17, 2015 at 09:24:17 AM PST

[ Parent ]

Yes, the only ones clamoring for instant (48+ / 0-)

Recommended by:
Thumb, Alumbrados, cslewis, Pescadero Bill, PeteZerria, Nate Roberts, k9disc, psnyder, mrkvica, liamladdieo, G2geek, CTPatriot, Simplify, dewtx, stevemb, mlleelizabeth, Hannibal, Prognosticator, blueoasis, middleagedhousewife, shaharazade, AllanTBG, ERTBen, Shadowmage36, wilderness voice, cville townie, CroneWit, wayoutinthestix, BvueDem, cybrestrike, zmom, Betty Pinson, Floande, ozsea1, enhydra lutris, blackjackal, Joieau, lunachickie, Bisbonian, flevitan, Stude Dude, eyo, leeleedee, aprimo224, bill dog, JVolvo, JerryNA, goodpractice

results are the media outlets who believe elections belong to them and value above all their assumed right to "call" the winners before their competition. But they are wrong.

Elections belong to the voters, not the news media not even the candidates. I never hear voters demanding instant election results. I often hear voters demanding security and transparency from registration to ballot to vote count.

Okay, the Government says you MUST abort your child. NOW do you get it?

by Catskill Julie on Tue Feb 17, 2015 at 06:20:45 AM PST

[ Parent ]

in oklahoma we did paper/electronic (10+ / 0-)

Recommended by:
Prognosticator, Another Grizzle, Bisbonian, Betty Pinson, cville townie, northsylvania, G2geek, mrkvica, dogemperor, JerryNA

you filled out a paper "Scan-tron" ballot by filling
in an arrow, then you passed it into a box with a scanner.

the early results would come in 15 minutes, and
if there was a need for a re-count you had sealed
containers in a warehouse.

the one recount i saw took all of a day.

by patbahn on Tue Feb 17, 2015 at 10:17:30 AM PST

[ Parent ]

Paper ballots with scanners work well (4+ / 0-)

Recommended by:
G2geek, Catskill Julie, Johnny Q, happymisanthropy

They're great if you need a recount. But any system is still subject to hacking if votes end up being tallied in computers.

A Right Without A Remedy Is No Right At All

by Betty Pinson on Tue Feb 17, 2015 at 12:48:55 PM PST

[ Parent ]

they hand counted the ones (1+ / 0-)

Recommended by:
JerryNA

in the one race.

and a good statistical hand count.

sample certain precincts after the scan.

by patbahn on Tue Feb 17, 2015 at 02:11:27 PM PST

[ Parent ]

so, why not hand-count everything... (2+ / 0-)

Recommended by:
cynndara, Prognosticator

.... while the public watches via cameras on websites?

"Let" = "make." Inaction is action. In Taoist terms, "not-doing is doing."

by G2geek on Tue Feb 17, 2015 at 04:52:05 PM PST

[ Parent ]

better but not good enough. (3+ / 0-)

Recommended by:
Catskill Julie, mrkvica, Prognosticator

The point is to get software-controlled systems OUT of our elections.

Any machine with parts you can't inspect (e.g. software) is vulnerable to hacking.

See also Target, Anthem, etc.

80-million-plus identity thefts in one go, ought to be sufficient to shut down any debate about computerized voting.

"Let" = "make." Inaction is action. In Taoist terms, "not-doing is doing."

by G2geek on Tue Feb 17, 2015 at 02:19:23 PM PST

[ Parent ]

have you ever (2+ / 0-)

Recommended by:
ERTBen, Johnny Q

considered applying Nevada Gaming Commission rules to voting machines? They can't have their slot machines compromised, so they have rules about access to software and machines, and testing of software for back doors.
That kind of thing would go a long way toward securing voting machines.

(Is it time for the pitchforks and torches yet?)

by PJEvans on Tue Feb 17, 2015 at 03:16:54 PM PST

[ Parent ]

what for? it's a solution seeking a problem. (6+ / 0-)

Recommended by:
mrkvica, ERTBen, happymisanthropy, cynndara, JerryNA, Prognosticator

Let's see, my motorized salt shaker's motor is corroding from the salt, so let's make it out of titanium. And its cloud-based voice rec is getting false positives for the command "salt" every time I say fault, malt, Walt, or Gestalt, so let's have people say "Google" first: "Google: Salt!" Presumably it'll still pick up all the usual advertising and natsec keywords from random conversations at the dinner table, so it's all good, right?

Why all this dancing and tweaking just to put more computers and more software into everything?

There's no need.

Do you have a water faucet at your desk? How about an air conditioner in your shower? A drill-press in your kitchen? Why not? Are you some kind of Luddite?

See the problem?

There's no need.

There's exactly zero good reason to make our voting system dependent on software. None whatsoever. Even disability access: I dealt with that subject in another comment.

30 years' professional experience in technology speaking here.

Why add stuff that isn't necessary and only causes problems?

The advocates of software-controlled voting systems need to answer that question. So far there hasn't been a good answer.

"Let" = "make." Inaction is action. In Taoist terms, "not-doing is doing."

by G2geek on Tue Feb 17, 2015 at 03:48:59 PM PST

[ Parent ]

Of course they can. Keep in mind that an iphone (9+ / 0-)

Recommended by:
psnyder, eyo, dewtx, kharma, BachFan, stevemb, enhydra lutris, G2geek, JerryNA

jailbreak or something like Safestrap is, in terms of technology, nothing more than a bootloader virus. They just happen to be ones that give full control to the owner/user rather than a third party.

You have watched Faux News, now lose 2d10 SAN.

by Throw The Bums Out on Tue Feb 17, 2015 at 06:35:01 AM PST

[ Parent ]
Is there a reason why NSA couldn't apply (10+ / 0-)

Recommended by:
Don midwest, kharma, stevemb, lunachickie, shaharazade, Punditus Maximus, side pocket, Prognosticator, blueoasis, Johnny Q

its own methods to electoral outcomes?

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Tue Feb 17, 2015 at 07:51:18 AM PST

[ Parent ]

NSA & elections - 2012 in Ohio - agent here (27+ / 0-)

Recommended by:
Thumb, side pocket, corvo, Simplify, stevemb, Tool, mlleelizabeth, Medium Head Boy, Prognosticator, shaharazade, AllanTBG, linkage, cybrestrike, Losty, enhydra lutris, SouthernLiberalinMD, Punditus Maximus, Bisbonian, bygorry, Bluesee, G2geek, mrkvica, JVolvo, ivote2004, JerryNA, BlueInARedState, goodpractice

Ohio has had an active effort in election integrity for over a decade following stolen election in 2004

in the last presidential election, The Free Press, got two leaks. One was Romney's son owning voting machines involved with tabulation of results.

in 2004, and not sure about 2012, results were tabulated for the state outside the state in a private company with Bush folks on the board. The other was putting in untested, un certified software into tabulation machines.

in any case, know for sure, that in the 2012 election, the state was full of attys

and The Free Press took the state to court to stop the election

and our of no where, a couple of guys came to town and testified. One was recently retired after 35 years in the NSA. These two wittnesses had never had contact to locals before.

Why Rove Failed to Deliver Ohio on Election Day: What Happened in Ohio This Time Around

by Don midwest on Tue Feb 17, 2015 at 08:01:58 AM PST

[ Parent ]

Interesting. Thanks for the link. (5+ / 0-)

Recommended by:
shaharazade, G2geek, ivote2004, JerryNA, Don midwest

I didn't realize LE scrutiny still counted for anything when a powerful person wanted something.

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Tue Feb 17, 2015 at 08:15:04 AM PST

[ Parent ]
Also - (10+ / 0-)

Recommended by:
corvo, shaharazade, bygorry, Prognosticator, Simplify, mrkvica, G2geek, JVolvo, ivote2004, JerryNA

This and this.

Her Final Year, Follow Me, Facebook, LinkedIn.

by GreyHawk on Tue Feb 17, 2015 at 08:56:23 AM PST

[ Parent ]

Thanks for keeping that memory alive. (4+ / 0-)

Recommended by:
G2geek, Don midwest, dogemperor, ivote2004

(not snark)

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Tue Feb 17, 2015 at 10:05:52 AM PST

[ Parent ]

Didn't see your response in time to tip it. (0+ / 0-)

But appreciate it. :)

Her Final Year, Follow Me, Facebook, LinkedIn.

by GreyHawk on Fri Feb 20, 2015 at 05:58:14 PM PST

[ Parent ]

The Real Reason Karl Rove Freaked Out (15+ / 0-)

Recommended by:
corvo, shaharazade, cybrestrike, blackjackal, SouthernLiberalinMD, lunachickie, Stude Dude, bygorry, flevitan, Bluesee, G2geek, mrkvica, Don midwest, dogemperor, ivote2004

"Dammit, the fix was supposed to be in!"

On the Internet, nobody knows if you're a dog... but everybody knows if you're a jackass.

by stevemb on Tue Feb 17, 2015 at 09:11:34 AM PST

[ Parent ]

You know that's what it was about (19+ / 0-)

Recommended by:
Thumb, side pocket, Simian, corvo, shaharazade, cybrestrike, Losty, SouthernLiberalinMD, Bisbonian, Stude Dude, bygorry, G2geek, mrkvica, Don midwest, JVolvo, happymisanthropy, cynndara, ivote2004, Prognosticator

even if nobody can actually prove it now.

I seriously thought the guy was going to hurl right there on-camera. As it was, he got noticeably whiter, and he was already pasty-white to start with (don't even get me started about the flop-sweat, that's a whole dissertation, lol)

"Counting on people having nowhere else to go is the logic of a slumlord."--Wolf10

by lunachickie on Tue Feb 17, 2015 at 09:27:18 AM PST

[ Parent ]
Guess his rich friends sold him out. (4+ / 0-)

Recommended by:
Choco8, G2geek, mrkvica, Don midwest

They realized Democrats could also serve certain purposes, sometimes better than Republicans.

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Tue Feb 17, 2015 at 10:04:42 AM PST

[ Parent ]

That was great (2+ / 0-)

Recommended by:
ivote2004, Prognosticator

"Don't worry, this software is only being used on an experimental basis so that means it's OK."

... The Meritocrats!

by happymisanthropy on Tue Feb 17, 2015 at 06:12:11 PM PST

[ Parent ]

NSA has no interest in that. (2+ / 0-)

Recommended by:
ivote2004, Prognosticator

But various private-sector actors and other interested parties do, and they are capable of learning from what NSA does.

"Let" = "make." Inaction is action. In Taoist terms, "not-doing is doing."

by G2geek on Tue Feb 17, 2015 at 04:53:17 PM PST

[ Parent ]

Conspiracy Theorist!!111!! (7+ / 0-)

Recommended by:
G2geek, bobswern, mrkvica, Johnny Q, happymisanthropy, ivote2004, Prognosticator

/snark

Or so some here would say.

Seriously, Dems/progressives/neolibs have to become educated about the likelihood of election tampering and how it happens.

For a group so hung up on science and evidence, some are rather regressive when it comes to election tampering.

A Right Without A Remedy Is No Right At All

by Betty Pinson on Tue Feb 17, 2015 at 12:41:34 PM PST

[ Parent ]

and it didn't help that Markos himself... (6+ / 0-)

Recommended by:
bobswern, Peace Missile, cynndara, ivote2004, Prognosticator, BvueDem

... went on a screeching rant about this and declared that anyone making claims of election tampering was a CT-er who would be immediately banned.

He even used "shit" in the diary title, a violation of his own rule about not using cusswords in diary titles because they cause the site to be unavailable on networks that run parental controls (such as libraries).

That was the point at which I took my un-announced and puzzling leave of this place for a couple of years.

Because there's something I know about.

But I can't discuss it here.

If anyone is still wondering why I disappeared for a while without a word, that's the answer.

"The bigger the turd on the living-room rug, the bigger the no-talk rule against mentioning it."

"Let" = "make." Inaction is action. In Taoist terms, "not-doing is doing."

by G2geek on Tue Feb 17, 2015 at 02:27:59 PM PST

[ Parent ]

I didn't leave (2+ / 0-)

Recommended by:
goodpractice, BvueDem

for that reason. But I took it under advisement. And as more and more people whose writings I used to look forward too vanished, I showed up less frequently. Because when speaking your mind becomes taboo on ANY site, the quality of discourse and information available suffers.

dKos has gone from a brilliant, witty, and informative site to a place where one has to keep an eye out over the shoulder (so to speak) for the Secret Police and be careful not to obviously call the Party Line into question. There are still a lot of good people and some interesting stories that get aired here. But it's no longer viable as my primary source of news.

by cynndara on Tue Feb 17, 2015 at 06:53:29 PM PST

[ Parent ]

DailyKos no longer a primary source of news. (0+ / 0-)

But it's no longer viable as my primary source of news.
I've noticed and lamented this, as well. If I'm busy and rely only on DailyKos for news, I get a skewed and non-reality based view of the world, and I miss important stories.
It's become more a chorus of preachers for special causes, and less a group united to win elections. I look at who Markos chooses as front-page editors and moderators, and I can only conclude that winning elections is no longer his goal.

by BvueDem on Wed Feb 18, 2015 at 03:44:03 PM PST

[ Parent ]

IMO, winning elections is no longer the primary (1+ / 0-)

Recommended by:
BvueDem

goal for the Democratic party.

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Thu Feb 19, 2015 at 04:49:35 PM PST

[ Parent ]

Do you think it should be? nt (1+ / 0-)

Recommended by:
SouthernLiberalinMD

by BvueDem on Thu Feb 19, 2015 at 05:29:39 PM PST

[ Parent ]

I think that winning elections should be (0+ / 0-)

the secondary goal of a political party. Or, to put it another way, the means by which it achieves its primary goal: setting the policy agenda for the country in line with its stated platform. If they articulate that platform honestly to the voters, and the voters vote them in, that should also result in representing the voters' wishes for the country.

That's how it's supposed to work, anyway.

The way it's working right now, neither winning elections nor setting a policy agenda in line with their stated platform is the primary goal of the Democratic party. In fact, we seem to be inhabiting a post-platform world. Since we have a party that neither cares about advancing a policy agenda nor cares particularly deeply about keeping majorities, I'd argue we're also inhabiting a post-partisan and perhaps even a post-political world.

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Fri Feb 20, 2015 at 05:37:30 PM PST

[ Parent ]

Someone as smart as you can find a way (0+ / 0-)

to raise it, whatever it is.

By creating and justifiably using a sock-puppet account, or by blogging on it elsewhere under a different name, or by dropping the evidence with a local reporter, or discovering who else knows what you know (there is always someone else) and putting reporters in touch with them, or whatever. There's always a way.

Because there's something I know about.
But I can't discuss it here.

by BvueDem on Wed Feb 18, 2015 at 03:39:19 PM PST

[ Parent ]

Was going to say. (2+ / 0-)

Recommended by:
bobswern, G2geek

Thanks for thinking of it first.

Geologically, there's not so much to worry about; biologically, on the other hand, we have a situation. Randy Malamud

by northsylvania on Tue Feb 17, 2015 at 02:03:36 PM PST

[ Parent ]
Anyone with privileged access on the Internet... (0+ / 0-)

... could become a multi-millionaire overnight, if not a billionaire. No need for electoral bullshit. Just rewrite a few affiliate cookies and whatnot, something a few ISPs have already been caught doing. Money has all the political clout one would need.

by Sucker Politics on Tue Feb 17, 2015 at 09:30:42 PM PST

[ Parent ]
The real threat. (0+ / 0-)

Finally! Someone with their head screwed on straight. Thank you G2geek! Paper mail-in (or better, walk-in) ballots are the closest we are likely to get to an upright voting process.

But I'm also going to (probably) P-off a buncha people on this thread: I have NO PROBLEM with NSA having all my communication records. They aren't the ones that are going to ever use them against me. It's the commercial BIG DATA collectors that sift through everything they can get their hands on. Their first motivation is to sell stuff into a promising marketing segment. Harmless irritation, right? But there are others who might go so far as to use that same data to squash all job openings for one particular individual based on his/her voting preferences.

by SeniorShuffler on Thu Feb 19, 2015 at 02:27:33 AM PST

[ Parent ]

What has Open Source really to do with this? (17+ / 0-)

Recommended by:
native, DRo, Knucklehead, Don midwest, linkage, unfangus, lunachickie, shaharazade, bygorry, Jim P, Subterra, side pocket, blueoasis, MNPundit, G2geek, dogemperor, cynndara

Just because with Open Source we have the hope that now and then someone detects the maliciousness of human intentions expressed through code hidden down under the metal so to speak, just doesn't mean we have enough control over the code to protect civil society from it.

All it would do is to change our slave masters from
one sort of technical community insiders to the another group of "newer, cooler sort of technical community insiders".

I wonder why you believe that this technology is still controllable by a democratic process and be under control at all?

This is not a question of whom and what sort of code you trust to make the technology controllable. It's a question if you really believe that this technology is still controllable at all with regards to provide a democratic society for all people.

So far, we always have become victims of our own capability to think and invent. Be it nuclear fission, genetic bio-engineering or coding our intelligence away into AI.

It hasn't given us any "progress". We suffer under the same exploitation and lack of power to live in harmony with our neighbors and nature. We still die, get sick, murder, reproduce and struggle to survive in the mess we create.

I used to believe in the benign features of open source code. I don't anymore. The technology is so complicated that it will always remain uncontrollable by the masses of people, there will always be a dependency from a few "expert insiders" and it's the fallacy to believe that this dependency is any better, safer or more beneficial than the dependency we had before. This is a technology that makes you believe it's democratic, but in fact is destroying it, because it's in the hands of some "inside coders and some corporate money". It's the biggest con-artist technology imaginable.

People need to divest from that technology and learn the skills of survival without it. In the end we all lose our skills of decentralized, local, independent survival. Why that is supposedly good, I just can wonder.

Die Gedanken sind Frei - caucus99percent

by mimi on Tue Feb 17, 2015 at 06:58:55 AM PST

[ Parent ]

You can't understand a lot of what you use (5+ / 0-)

Recommended by:
cybrestrike, renbear, flevitan, mrkvica, rarely comments

That's how civilization works: people specialize. You go to doctors who specialize in medicine. You use metals and plastics and other materials you don't understand well enough to produce. That's not anti-democratic. That's just how human culture has worked since people started living together in groups larger than a couple of hundred. You don't know everything. You can't know everything.

You may not understand how to analyze software, but there are people who can, and do. We may need to help fund or support people who audit software for security, but that's a solvable problem.

Your argument against "expert insiders" is a prescription to withdraw from most of the benefits not only of technology, but of civilized economies going back into the Bronze Age.

I'm having trouble taking it seriously.

To be on the wrong side of Dick Cheney is to be on the right side of history.

by mbayrob on Tue Feb 17, 2015 at 10:44:23 AM PST

[ Parent ]

And when necessary technologies (1+ / 0-)

Recommended by:
ivote2004

become the domain of specialists, the next step is for the few Rich & Powerful (or Kalos k'agathos if you prefer) to control those specialists. And the rest of us are locked into various forms of serfdom by the need for resources and expertise which are completely controlled by the 1%.

Freedom for the majority requires that resources and expertise be divided or shared roughly equally. Anything else, and power concentrates in a few hands to the detriment of all others. It's deceptive and disingenuous to dissociate political freedom from economic self-sufficiency, access to necessary resources, and rough parity of capital and coercive power. Liberty doesn't exist in a vacuum.

by cynndara on Tue Feb 17, 2015 at 07:00:07 PM PST

[ Parent ]

Knowlege is at least somewhat democratic (0+ / 0-)

Knowlege is leaky. You can get it w/o the approval of authority. You can spread it w/o the approval of authority.

This is especially true of software, which requires cheap standard hardware, and labor. And can be given to others for almost no cost. It is the least controlable of technologies. There is almost no capital required. It is almost pure labor.

If you think you can have freedom w/o knowlege, you will end up without either.

To be on the wrong side of Dick Cheney is to be on the right side of history.

by mbayrob on Tue Feb 17, 2015 at 07:43:10 PM PST

[ Parent ]

Now that might happen. (4+ / 0-)

Recommended by:
kharma, Don midwest, linkage, happymisanthropy

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Tue Feb 17, 2015 at 07:50:17 AM PST

[ Parent ]

;) (0+ / 0-)

#3: ensure network neutrality; #2: ensure electoral inclusivity; #1: ensure ecosystemic sustainability. Follow @iVote4USA

by ivote2004 on Tue Feb 17, 2015 at 06:56:05 PM PST

[ Parent ]

my desnarkifier compiler, on 2nd pass, (0+ / 0-)

spits out from its possibilitizer code generator:

now, that might happen.

#3: ensure network neutrality; #2: ensure electoral inclusivity; #1: ensure ecosystemic sustainability. Follow @iVote4USA

by ivote2004 on Tue Feb 17, 2015 at 07:13:47 PM PST

[ Parent ]

How can open source save you? (4+ / 0-)

Recommended by:
jrooth, dconrad, G2geek, dogemperor

Unless there is a JTAG port and you have a boatload of time (bootload?) you're not going to have a good way to checking out the firmware to see if it is still the same stuff that was put there by the manufacturer.

Good luck with that.

Happy little moron, Lucky little man.
I wish I was a moron, MY GOD, Perhaps I am!
^{—Spike Milligan}

by polecat on Tue Feb 17, 2015 at 09:27:53 AM PST

[ Parent ]

voting needs software, like a salt-shaker needs... (2+ / 0-)

Recommended by:
mrkvica, polecat

...a motor.

No more having to ask a family member to pass the salt, just say "salt!" and cloud-connected voice recognition picks up your command (and any other keywords you happen to utter), and the salt shaker scoots across the table right into your hand.

What could be more convenient?

"Let" = "make." Inaction is action. In Taoist terms, "not-doing is doing."

by G2geek on Tue Feb 17, 2015 at 02:31:21 PM PST

[ Parent ]

Sure, but...does open source firmware buy much (0+ / 0-)

here?

It seems unlikely that the hard drive manufactures intentionally infected their hard-drives.

The one benefit I can see of open-source firmware is that users for who security is critical, presuming they have the resources, can audit the firmware source to ensure there are no backdoors or assorted other "bad things" and flash the drive with the safe firmware.

That seems like a lot of effort and capability for the vast majority of users.

LG: You know what? You got spunk. MR: Well, Yes... LG: I hate spunk!

by dinotrac on Wed Feb 18, 2015 at 01:19:20 PM PST

[ Parent ]

the ramifications will be a collective national (28+ / 0-)

Recommended by:
cslewis, Pescadero Bill, Bruce The Moose, rabel, kharma, white blitz, exlrrp, Simian, jhancock, corvo, dewtx, pasadena beggar, cardboardurinal, PapaChach, AllanTBG, dconrad, bobswern, cybrestrike, J M F, Caerus, blackjackal, DRo, eyo, unfangus, Demeter Rising, Caipirinha, Alumbrados, mrkvica

yawn and business continuing as usual.

To put the torture behind us is, inevitably, to put it in front of us.

by UntimelyRippd on Tue Feb 17, 2015 at 05:45:07 AM PST

[ Parent ]

Probably (19+ / 0-)

Recommended by:
native, DSC on the Plateau, exlrrp, corvo, dewtx, Hannibal, shaharazade, Debs2, bobswern, cybrestrike, J M F, lunachickie, eyo, Caipirinha, mrkvica, dogemperor, happymisanthropy, cynndara, goodpractice

because honestly, is anyone surprised that NSA would do this? Esp. after what we learned from WikiLeaks, and then Snowden - is anyone really surprised?

by Caerus on Tue Feb 17, 2015 at 06:20:23 AM PST

[ Parent ]

Yeah (6+ / 0-)

Recommended by:
DSC on the Plateau, corvo, exlrrp, eyo, J M F, bobswern

I already just assumed that they could, and were, doing this sort of stuff.

First they came for the farm workers, and I said nothing.

by Hannibal on Tue Feb 17, 2015 at 06:23:41 AM PST

[ Parent ]

Yeah, same here (6+ / 0-)

Recommended by:
eyo, nchristine, corvo, bygorry, bobswern, mrkvica

This probably isn't half of it

Happy just to be alive

by exlrrp on Tue Feb 17, 2015 at 06:52:24 AM PST

[ Parent ]

It almost certainly isn't the half of it (2+ / 0-)

Recommended by:
mrkvica, happymisanthropy

At this point the US Government (and I'd like to point out that explicitly includes Obama) has made clear their stance. In their opinion they have every right to collect everything they can which is not explicitly prohibited by some law that contains zero loopholes. Given that much of the workings of what is "legal" happen entirely in secret a reasonable person would assume some degree of bias in favor of "more is better" collection. That they are actively doing so is not a secret. We've known this for decades.

In some people's eyes the government can be entrusted with such power. In other people's opinion, they cannot. In the eyes of history, these things never turn out well.

by Snapple on Tue Feb 17, 2015 at 12:18:02 PM PST

[ Parent ]

Ditto.... and I'm an applications programmer. (4+ / 0-)

Recommended by:
corvo, kharma, bobswern, mrkvica

My suncatchers - Kos Katalog

by nchristine on Tue Feb 17, 2015 at 07:04:17 AM PST

[ Parent ]

We should be... (4+ / 0-)

Recommended by:
bobswern, corvo, Johnny Q, mrkvica

and we should be outraged by it...unfortunately, we, as a collective, won't bat an eye.

"[I]n the absence of genuine leadership, they'll listen to anyone who steps up to the microphone...They're so thirsty for it they'll crawl through the desert toward a mirage, and when they discover there's no water, they'll drink the sand."

by cardboardurinal on Tue Feb 17, 2015 at 10:14:03 AM PST

[ Parent ]
Especially after I bought my laptop. (1+ / 0-)

Recommended by:
Prognosticator

It came loaded with Windows 8. I despised Win 8, but my pet geeks promised that they could wipe it and reload Win 7.

It ended up taking a professional hacker and a highly-paid computer security expert TWO DAYS to wipe and replace my system, because the adaptations to Windows 8 had been laid down all the way into the BIOS. In the process, they discovered that the BIOS chip was designed with an NSA backdoor that would only do its thing on Windows 8 . . . and thus, the entire system had been built to accommodate NSA spyware.

I have Windows 7 on this computer. My next computer is going to be custom-built from raw parts and run a Linux system. With a physical switch to enable/disable WiFi.

by cynndara on Tue Feb 17, 2015 at 07:07:29 PM PST

[ Parent ]

It's known as despair. Or learned helplessness, (14+ / 0-)

Recommended by:
kharma, blueoasis, Don midwest, cybrestrike, tb mare, Johnny Q, renbear, lunachickie, unfangus, Bluesee, mrkvica, JVolvo, happymisanthropy, cynndara

if you're a social scientist.

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Tue Feb 17, 2015 at 07:52:07 AM PST

[ Parent ]
public may yawn, but not business and governments (18+ / 0-)

Recommended by:
northsylvania, corvo, stevemb, shaharazade, ERTBen, protectspice, cybrestrike, J M F, nchristine, Johnny Q, No one gets out alive, Punditus Maximus, Steve Masover, Demeter Rising, Pablo Bocanegra, mrkvica, JVolvo, happymisanthropy

,who are the real targets of the US government's espionage program, not terrorists.

I see several consequences:

Less trust in American software and now hardware products. Business will now move to manufacturers and software products from other countries not aligned with the US, such as, ironically, China.

Microsoft is in trouble on this. There is huge inertia to stick with Windows, but it's pretty obvious now that any business or government that uses PCs is vulnerable to espionage by hacking and any reassurance by Microsoft is meaningless (especially after the stories about them allowing NSA access to back doors in Skype and Windows). I doubt that Apple will be perceived as any more trustworthy so there may be pressure to adopt alternative OSs like Linux, which has several high security variations.

Also, there will be extreme pressure on hardware manufacturers to fix the inherent vulnerability of allowing firmware updates on computers in the wild. Open sourcing drivers and firmware may help improve security, but I don't know if that will be sufficient. There may need to be further security mechanisms such as requiring a physical switch or button be activated before any change is allowed.

"Tell the truth and run." -- Yugoslav proverb

by quill on Tue Feb 17, 2015 at 07:55:02 AM PST

[ Parent ]

This button of yours... (2+ / 0-)

Recommended by:
quill, mrkvica

I'm curious what it would do. Is there some reason you think the microcode inside of Intel and AMD processors is secure against the NSA? The bottom line is that when you allow secret rulings and secret court orders being asked for and granted by parties which are known to be untrustworthy then you have to assume broad malfeasance.

There is something we can do but not about the NSA. Nor is there a technical solution. The problem is political and it can only be solved in the voting booths.

by Snapple on Tue Feb 17, 2015 at 12:37:11 PM PST

[ Parent ]

well I agree with you about that (2+ / 0-)

Recommended by:
mrkvica, cynndara

Though changing the government to that degree may be difficult or impossible. The security lock switch idea would be a way for hardware manufacturers to restore confidence in their products, and would need to be adopted as an industry standard to be effective.

Snowden remarked that we can't expect our governments to ever be trustworthy, and I agree. There's just too much incentive not to exploit technology to gain advantage and to monitor and control the public. He suggested that we would all need to take security into our own hands, and by that I think he also meant that the computer industry needs to step up and make the hardware and software far more secure than it is now.

"Tell the truth and run." -- Yugoslav proverb

by quill on Tue Feb 17, 2015 at 02:30:19 PM PST

[ Parent ]
You mean, (1+ / 0-)

Recommended by:
Prognosticator

The highly insecure electronic voting booths that can switch thousands of votes with a quick "security" patch?

Used to vote for candidates from one of two parties which are owned by the same corporations and take orders from the same Security Apparatchiks?

The Greeks only got a government that would stand up to the Troika when they stopped voting for BOTH of the two parties that had owned their government for the last fifty years. Unfortunately, our system is so thoroughly rigged that getting a third party into power is virtually impossible.

by cynndara on Tue Feb 17, 2015 at 07:12:44 PM PST

[ Parent ]

With good reason (0+ / 0-)

Gathering foreign intelligence (terrorist, economic, diplomatic, military) is their mission. This is spycraft stuff.

by Sucker Politics on Tue Feb 17, 2015 at 09:38:13 PM PST

[ Parent ]

Yeah. Check your ethics at the door. The ends (0+ / 0-)

justify the means. Etc.

To put the torture behind us is, inevitably, to put it in front of us.

by UntimelyRippd on Wed Feb 18, 2015 at 10:14:11 AM PST

[ Parent ]

That would be nice, but probably (7+ / 0-)

Recommended by:
kharma, stevemb, Don midwest, cybrestrike, lunachickie, cville townie, mrkvica

it will just spawn a bunch of people shrugging and saying "What can you do?"
And a bunch of other people talking about how stupid people are to care about privacy. After all, the NSA wouldn't bother anybody unless they were an important, real threat. Anybody who thinks otherwise just overestimates their own importance.

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Tue Feb 17, 2015 at 07:49:51 AM PST

[ Parent ]

What usually happens (0+ / 0-)

is we get a bunch of crypto idiots underestimating SIGINT capabilities, whether those capabilities be technical or more of the national-security-letter flavor. Wouldn't surprise me if more than a handful of certificate authorities are fronts, have been bribed, have been attacked, or have been coerced.

by Sucker Politics on Tue Feb 17, 2015 at 09:42:02 PM PST

[ Parent ]

Open source not good enough... (7+ / 0-)

Recommended by:
nchristine, corvo, shaharazade, bygorry, blueoasis, dconrad, mrkvica

It's been known and discussed publicly since the 1970's that the compilers can be corrupted to produce compromised code.

Unless you control EVERY piece of the chain, you have NOTHING.

The Fail will continue until actual torches and pitchforks are set in motion. - Pangolin@kunstler.com

by No one gets out alive on Tue Feb 17, 2015 at 09:20:58 AM PST

[ Parent ]

Finally, someone else who knows about (2+ / 0-)

Recommended by:
dconrad, No one gets out alive

Reflections on Trusting Trust.

You have watched Faux News, now lose 2d10 SAN.

by Throw The Bums Out on Tue Feb 17, 2015 at 11:40:55 AM PST

[ Parent ]

ramification #4 or 5: just say Glass. (1+ / 0-)

Recommended by:
mrkvica

Become a walking surveillance drone and look like a dork.

Popular disgust and revulsion chased Google out of the business for a while, but only to have it redesigned to look slightly less dorky. They'll be back, like a bad case of acne.

Now Sony is trying it too:

http://www.dailykos.com/...

If anyone here doubts that these things will be used as the surveillance wetdream of both government and private-sector actors, I have a bridge for sale, cheap.

"Getting to know you, getting to know all about you...."

"Let" = "make." Inaction is action. In Taoist terms, "not-doing is doing."

by G2geek on Tue Feb 17, 2015 at 02:02:44 PM PST

[ Parent ]
Just maybe.. (0+ / 0-)

Not every damn thing should be connected to the Internet?

Refrigerators, Nuclear power-plants..

Dear future generations: Please accept our apologies, We were roaring drunk on petroleum -Kurt Vonnegut

by Anthony Page aka SecondComing on Tue Feb 17, 2015 at 09:10:11 PM PST

[ Parent ]

Kinda makes you wonder (42+ / 0-)

Recommended by:
Thumb, native, PeteZerria, ctsteve, kharma, Hillbilly Dem, Green Mountain Flatlander, corvo, Simplify, dewtx, ChemBob, stevemb, Tool, Joes Steven, Jim P, martini, blueoasis, MJ via Chicago, shaharazade, Shadowmage36, dconrad, bobswern, Don midwest, mconvente, Greyhound, BYw, Keninoakland, cybrestrike, catwho, Johnny Q, ericlewis0, DRo, No one gets out alive, Punditus Maximus, Joieau, lunachickie, eyo, Betty Pinson, cville townie, Alumbrados, mrkvica, JVolvo

about computer-based voting machines.

Arrrr, the laws of science be a harsh mistress. -Bender B. Rodriguez

by democracy inaction on Tue Feb 17, 2015 at 04:56:40 AM PST

[ Parent ]

Rigging an election would be child's play... (58+ / 0-)

Recommended by:
raboof, native, mimi, PeteZerria, ctsteve, k9disc, kharma, zerelda, Hillbilly Dem, Deward Hastings, Steven D, mosesfreeman, democracy inaction, corvo, dewtx, ChemBob, stevemb, Tool, Jim P, martini, Medium Head Boy, blueoasis, MJ via Chicago, gooderservice, shaharazade, AllanTBG, terabytes, Shadowmage36, Don midwest, CroneWit, Greyhound, CenFlaDem, triplepoint, cybrestrike, J M F, nchristine, mkor7, Losty, catwho, Johnny Q, DRo, No one gets out alive, Joieau, lunachickie, Bisbonian, gem56, eyo, HedwigKos, leeleedee, bill dog, Subterra, Betty Pinson, Pablo Bocanegra, cville townie, northsylvania, Alumbrados, mrkvica, JVolvo

...which, after reading today's news (in this diary)...spells it out in black and white for any that dare to acknowledge these new-found facts.

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 05:04:29 AM PST

[ Parent ]

I remember when I used to ask myself, "Why would (35+ / 0-)

Recommended by:
Thumb, native, k9disc, kharma, Hillbilly Dem, democracy inaction, corvo, dewtx, stevemb, Tool, Jim P, blueoasis, MJ via Chicago, lao hong han, shaharazade, AllanTBG, terabytes, Shadowmage36, bobswern, Don midwest, CenFlaDem, cybrestrike, Caerus, Johnny Q, ozsea1, freesia, SouthernLiberalinMD, Joieau, a2nite, jbob, eyo, Demeter Rising, bill dog, Betty Pinson, JVolvo

the internet, a huge cultural leap forward, have been created by US intel agencies? How could something so beneficial have originated from spooks and saboteurs?"

I don't ask that question any more.

"Well, yeah, the Constitution is worth it if you succeed." - Nancy Pelosi, 6/30/07 // "Succeed?" At what?

by nailbender on Tue Feb 17, 2015 at 05:08:45 AM PST

[ Parent ]

Do you believe that was intentional? I don't think (18+ / 0-)

Recommended by:
native, CroneWit, Don midwest, nailbender, stevemb, No one gets out alive, highacidity, J M F, shaharazade, bygorry, catwho, Subterra, bobswern, Tool, Snapple, cville townie, LABobsterofAnaheim, mrkvica

so. The invention of the packet networking, APRANET to TCP/IP protocoll was not a conspiracy, if you meant to say that. Like most invention they develop "inadvertently" and then are picked up to do things that are used for the good and the bad, as always.

Die Gedanken sind Frei - caucus99percent

by mimi on Tue Feb 17, 2015 at 07:07:29 AM PST

[ Parent ]

Good points, and no, I wasn't saying that, but was (10+ / 0-)

Recommended by:
nchristine, mimi, stevemb, corvo, shaharazade, bygorry, blueoasis, Tool, Bisbonian, JVolvo

saying that, conceptually, the folks who were involved in ramping the internet up (and it wasn't decoupled from DARPA at all) had to have known that the possibilities included mass surveillance, and the team that developed the first IMPs, having won an RFQ from DARPA to do so, where these guys. To think a crew like that wouldn't have mass surveillance as a possible use for the web they were working to implement stretches credulity, imo.

We've all been hacked, in any event, and the US Intel complex has been at it for a very long time, it didn't just pop out of nowhere.

"Well, yeah, the Constitution is worth it if you succeed." - Nancy Pelosi, 6/30/07 // "Succeed?" At what?

by nailbender on Tue Feb 17, 2015 at 08:37:38 AM PST

[ Parent ]

I need to refresh my memory and read through (3+ / 0-)

Recommended by:
stevemb, shaharazade, Tool

some material. I don't doubt that they understood the possibilities of mass surveillance. How long was that process from packet networking to TCP/IP ? More than twenty years?

Die Gedanken sind Frei - caucus99percent

by mimi on Tue Feb 17, 2015 at 09:01:40 AM PST

[ Parent ]

TCP/IP was begun by Kahn and Cerf in '73 (2+ / 0-)

Recommended by:
JVolvo, mimi

Kahn at the time was a BBN employee working at DARPA. He had just initiated a reworking of arpanet because the IMP based model was problematic, too finicky. He developed a list of issues that needed to be addressed in the new communications-based paradigm he was proposing, and, surprise surprise, none of them included security or privacy.

Read that first link in my response to you above. It's excellent and very accurate, albeit a bit cursory given the enormity of the subject.

"Well, yeah, the Constitution is worth it if you succeed." - Nancy Pelosi, 6/30/07 // "Succeed?" At what?

by nailbender on Tue Feb 17, 2015 at 03:10:50 PM PST

[ Parent ]

thanks, nailbender, I will ... one day ... if my (0+ / 0-)

mind then is still working properly. Right now I feel I am not up to it. I appreciate your help in getting me a helpful link.

Die Gedanken sind Frei - caucus99percent

by mimi on Wed Feb 18, 2015 at 07:40:39 AM PST

[ Parent ]

I don't think all the geeks involved in (13+ / 0-)

Recommended by:
native, nailbender, stevemb, blueoasis, shaharazade, Don midwest, cybrestrike, nchristine, lunachickie, Demeter Rising, protectspice, mrkvica, JVolvo

creating it were in on that. I think they genuinely thought they were repurposing military technology for civilian uses, which has happened many times in our history.

I thought that too. Whoops!

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Tue Feb 17, 2015 at 07:53:31 AM PST

[ Parent ]

you should read this: (1+ / 0-)

Recommended by:
Don midwest

http://www.internetsociety.org/...

"Well, yeah, the Constitution is worth it if you succeed." - Nancy Pelosi, 6/30/07 // "Succeed?" At what?

by nailbender on Tue Feb 17, 2015 at 03:11:47 PM PST

[ Parent ]

Thanks; looks fascinating. (0+ / 0-)

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Tue Feb 17, 2015 at 06:56:16 PM PST

[ Parent ]

No, the NSA initially had no hand in it (0+ / 0-)

The Internet was created by engineers interested in making their computers more useful by improving communication. At the time, the main actors were universities and research contractors (BBN, notably) whose people knew and trusted each other. They built a magnificent system which worked fine so long as everyone was trustworthy.

As it spread, however, it became obvious that not everyone was trustworthy. I can still remember my shock at seeing the Canter & Siegel USENET post which initiated the modern era of spam.

But by then it was too late—the Internet was too usefull and too widespread to re-engineer for security. We're trying to do so now, by small steps (HTTPS

TPP delenda est.

by By Choice on Wed Feb 18, 2015 at 10:55:59 AM PST

[ Parent ]
No, the NSA initially had no hand in it, redux (0+ / 0-)

[Sigh...missed the ‘Preview’ button, hit ‘Post’ instead.* This is what I meant to post:]

The Internet was created by engineers interested in making their computers more useful by improving communication. At the time, the main actors were universities and research contractors (BBN, notably) whose people knew and trusted each other. They built a magnificent system which worked fine so long as everyone was congenial.

As it spread, however, it became obvious that not everyone was trustworthy. I can still remember my shock at seeing the Canter & Siegel USENET post which initiated the modern era of spam.

But by then it was too late—the Internet was too useful and too widespread to re-engineer for security. We're trying to do so now, by small steps (HTTPS, DNSSec, and the like), but the government has seen the dark side, and the NSA is trying to ensure everyone except them is vulnerable—an unattainable goal, with the end result that everyone is vulnerable.

* Dear Kos designers: How about moving the ‘Post’ button up to just under the preview text. This way, you're less likely to mis-click, and everyone has to go through a preview before posting. Think of the improvements!

TPP delenda est.

by By Choice on Wed Feb 18, 2015 at 11:08:29 AM PST

[ Parent ]

Remember when it was CT here (49+ / 0-)

Recommended by:
Thumb, cslewis, native, k9disc, kharma, white blitz, inclusiveheart, Hillbilly Dem, TheOrchid, musikman, tle, corvo, dewtx, stevemb, Tool, snoopydawg, Jim P, Medium Head Boy, cardboardurinal, blueoasis, MJ via Chicago, gooderservice, shaharazade, AllanTBG, Shadowmage36, bobswern, Don midwest, CroneWit, cybrestrike, J M F, Johnny Q, ozsea1, freesia, DRo, SouthernLiberalinMD, Joieau, lunachickie, Bisbonian, eyo, Demeter Rising, bygorry, bill dog, Betty Pinson, Pablo Bocanegra, northsylvania, CTPatriot, mrkvica, JVolvo, happymisanthropy

to even mention the possibility of electronic voting machines being hijacked to rig elections?

I find it hard to believe that anyone now could reasonably argue electronic voting is safe and reliable.

"If you tell the truth, you'll eventually be found out." Mark Twain

by Steven D on Tue Feb 17, 2015 at 06:22:43 AM PST

[ Parent ]

Yes I do. (23+ / 0-)

Recommended by:
Thumb, cslewis, kharma, Steven D, corvo, Simplify, stevemb, Tool, blueoasis, shaharazade, CroneWit, cybrestrike, nchristine, Johnny Q, freesia, Joieau, lunachickie, Bisbonian, bygorry, Betty Pinson, mrkvica, JVolvo, Don midwest

The concept "preponderance of evidence" seemed to be trumped by "it's CT!". I've never understood why people so intensely argue for the most Pollyanish explanation of anomalous results from such easily corrupted systems.

I am become Man, the destroyer of worlds

by tle on Tue Feb 17, 2015 at 06:47:54 AM PST

[ Parent ]

Yup (11+ / 0-)

Recommended by:
corvo, Tool, cybrestrike, Johnny Q, bygorry, Betty Pinson, mrkvica, Choco8, JVolvo, Don midwest, Prognosticator

The concept "preponderance of evidence" seemed to be trumped by "it's CT!".
Can't have that, you know. Discussion of possibilities, based on realistic concerns isn't reality-based, since the Possible hasn't yet taken place. Or something.

"Counting on people having nowhere else to go is the logic of a slumlord."--Wolf10

by lunachickie on Tue Feb 17, 2015 at 09:31:26 AM PST

[ Parent ]

I thought it still was CT. (24+ / 0-)

Recommended by:
Thumb, El Zmuenga, native, stevemb, snoopydawg, cardboardurinal, blueoasis, MJ via Chicago, shaharazade, CroneWit, cybrestrike, nchristine, Johnny Q, Punditus Maximus, Joieau, bygorry, Betty Pinson, Pablo Bocanegra, protectspice, CTPatriot, mrkvica, JVolvo, happymisanthropy, Don midwest

Fortunately for us, the site leadership seems more interested in making money these days than in nannying us to death, so little by little we're allowed to mention such things as the potential for abuse in electronic voting, the USS Liberty, possible Saudi connections in 9/11, etc. etc. etc.

Dogs from the street can have all the desirable qualities that one could want from pet dogs. Most adopted stray dogs are usually humble and exceptionally faithful to their owners as if they are grateful for this kindness. -- H.M. Bhumibol Adulyadej

by corvo on Tue Feb 17, 2015 at 06:54:07 AM PST

[ Parent ]

You poor, persecuted victims (5+ / 7-)

Recommended by:
artmartin, phenry, Quabbin, Paulie200, sunbro

Hidden by:
stevemb, Thumb, Tool, Pablo Bocanegra, cville townie, protectspice, Don midwest

Someone get the vapors. The Greenwald Crowd just passed out on the fainting couch again.

It must be so hard getting the truth (tm) out there when so many, from Reuters and the New York Times to Markos himself are working to keep you silenced.

As to this "breaking" story, here's the TL;DR:

The NSA is developing technologies to hack computers around the globe as per the reason they're paid billions of dollars. Even though we've known this since forever (spies gonna spy) somehow this means something something.

Because, dontcha know, the potential to commit a crime is exactly the same as committing a crime. To the fainting couch!!

by WinSmith on Tue Feb 17, 2015 at 07:19:35 AM PST

[ Parent ]

Well, if this is the best you can come up with, (28+ / 0-)

Recommended by:
Thumb, cslewis, El Zmuenga, kharma, Steven D, jrooth, stevemb, Tool, snoopydawg, cardboardurinal, blueoasis, MJ via Chicago, shaharazade, bobswern, Greyhound, Metro99, cybrestrike, Johnny Q, lunachickie, Bisbonian, Choco8, Betty Pinson, Pablo Bocanegra, protectspice, mrkvica, JVolvo, SamanthaCarter, Don midwest

then I'll just chuckle. :-)

Dogs from the street can have all the desirable qualities that one could want from pet dogs. Most adopted stray dogs are usually humble and exceptionally faithful to their owners as if they are grateful for this kindness. -- H.M. Bhumibol Adulyadej

by corvo on Tue Feb 17, 2015 at 07:43:59 AM PST

[ Parent ]
The potential to commit an unauthorized access... (23+ / 0-)

Recommended by:
Thumb, Steven D, stevemb, Tool, Jim P, Medium Head Boy, cardboardurinal, blueoasis, MJ via Chicago, Greyhound, Metro99, BvueDem, cybrestrike, nchristine, Johnny Q, Demeter Rising, Betty Pinson, Choco8, mrkvica, JVolvo, happymisanthropy, SamanthaCarter, Don midwest

Embedded in computers and components all over the place means that many unauthorized and potentially destructive accesses can be committed, and (with high probability) not just by the authors and distributors of the code being discussed.

Even assuming the creators of this code provided some protection against access (for people other than themselves), how good is that protection and what happens when (not if, just when) someone else finds the access techniques? (Like Russian, Chinese, or Iranian spooks.)

by DButch on Tue Feb 17, 2015 at 07:53:10 AM PST

[ Parent ]

Interesting Kaspersky connection... (4+ / 0-)

Recommended by:
mrkvica, JVolvo, SamanthaCarter, lunachickie

From the Biggest Bank Robbery in History" article published yesterday.

Could be coincidence, of course, but is there some connection between Kaspersky's investigation of the ATM hack and their discovery of the hacks mentioned in this article.

by DButch on Tue Feb 17, 2015 at 09:56:02 AM PST

[ Parent ]

HRd For Personal Insults nt (5+ / 0-)

Recommended by:
corvo, democracy inaction, Betty Pinson, Pablo Bocanegra, JVolvo

On the Internet, nobody knows if you're a dog... but everybody knows if you're a jackass.

by stevemb on Tue Feb 17, 2015 at 09:14:17 AM PST

[ Parent ]

I thought about it (10+ / 0-)

Recommended by:
democracy inaction, corvo, snoopydawg, Jim P, cybrestrike, Bisbonian, Betty Pinson, mrkvica, JVolvo, happymisanthropy

but this doltishness really should be seen, it's such a spectacular fail...

"Counting on people having nowhere else to go is the logic of a slumlord."--Wolf10

by lunachickie on Tue Feb 17, 2015 at 09:19:38 AM PST

[ Parent ]
You know, you really shouldn't do that (6+ / 0-)

Recommended by:
Quabbin, annominous, Paulie200, sunbro, middleagedhousewife, WinSmith

minutes before posting something like this.

Uprated to offset HR abuse.

by phenry on Tue Feb 17, 2015 at 09:27:11 AM PST

[ Parent ]

Er, You Posted The Wrong Link (6+ / 0-)

Recommended by:
corvo, Tool, cybrestrike, Bisbonian, mrkvica, JVolvo

You linked to a post attacking an argument. I assume you meant to link to a post attacking a person (if you ever find one).

On the Internet, nobody knows if you're a dog... but everybody knows if you're a jackass.

by stevemb on Tue Feb 17, 2015 at 09:44:50 AM PST

[ Parent ]
The 'phenery logic' one below is a personal attack (2+ / 0-)

Recommended by:
Fogiv, sunbro

as you never called your own thinking 'phenery logic' and at no point did that comment address your argument. I took care of that one.

by GoGoGoEverton on Tue Feb 17, 2015 at 10:38:11 AM PST

[ Parent ]

I mean, at least get my name right, you know? (7+ / 0-)

Recommended by:
Fogiv, Paulie200, Bisbonian, GoGoGoEverton, sunbro, middleagedhousewife, NYFM

That's what hurt the most, really.

by phenry on Tue Feb 17, 2015 at 10:46:24 AM PST

[ Parent ]

heh (0+ / 0-)

Apparently if I refer to the Snowden/Greenwald crowd in NSA diaries the Usual Suspects create a collective HR frenzy.

They demand freedom and transparency of our government and anyone that suggests otherwise they try to silence and banish.

Irony.

by WinSmith on Tue Feb 17, 2015 at 03:44:52 PM PST

[ Parent ]

No... (2+ / 0-)

Recommended by:
Don midwest, lunachickie

We demand freedom and transparency from our government and anyone who suggests otherwise we criticize.

Downrating your comment isn't banishing WinSmith.

by DButch on Tue Feb 17, 2015 at 08:48:44 PM PST

[ Parent ]

HR = Hide Rating (1+ / 0-)

Recommended by:
Eyesbright

Not Downrating. This isn't Reddit.

You clearly don't understand the point of the HR.

by WinSmith on Wed Feb 18, 2015 at 07:50:47 AM PST

[ Parent ]

Clearly, you're entirely too sensitive (0+ / 0-)

to be posting on this blog.

"Counting on people having nowhere else to go is the logic of a slumlord."--Wolf10

by lunachickie on Wed Feb 18, 2015 at 09:00:41 AM PST

[ Parent ]

Says the HR Disher (0+ / 0-)

How's about you just ignore me completely if you don't like what I have to say? Your repeated HRs are annoying, pointless and ultimately just sad.

by WinSmith on Wed Feb 18, 2015 at 05:00:30 PM PST

[ Parent ]

Patronize much? (15+ / 0-)

Recommended by:
corvo, Tool, snoopydawg, shaharazade, Metro99, cybrestrike, Johnny Q, renbear, Betty Pinson, Pablo Bocanegra, mrkvica, JVolvo, happymisanthropy, SamanthaCarter, Don midwest

I know, you just can't stand anyone that questions this stuff. Tough shit.

PS

The NSA is developing technologies to hack computers around the globe as per the reason they're paid billions of dollars.
So we pay the NSA billions of dollars to hack the proprietary code created and executed by private companies that have no tie to them? Cite, please.
Your substitution of "TL;DR" for the word "scoop" doesn't make you look intelligent or witty, either. I know, it looked so kewl in the comment and all...

"Counting on people having nowhere else to go is the logic of a slumlord."--Wolf10

by lunachickie on Tue Feb 17, 2015 at 09:18:46 AM PST

[ Parent ]

We pay the NSA to spy (0+ / 0-)

Getting upset because they're good at spying is ludicrous.

by WinSmith on Tue Feb 17, 2015 at 03:45:44 PM PST

[ Parent ]

Implying that there can be no wrong, unethical, (5+ / 0-)

Recommended by:
Johnny Q, happymisanthropy, Don midwest, lunachickie, Brecht

and/or illegal aspect to spying is what is actually ludicrous. It's equivalent to saying "We pay cops to catch crooks. Getting upset because they shoot unarmed black guys is ludicrous." Not all spying is the same, nor is it all good, sensible, ethical, or legal. (NSA spying on MLK being just one example. Lying to Congress about their activities is another.)

Here, have some pandas.

by Little on Tue Feb 17, 2015 at 04:21:57 PM PST

[ Parent ]

I never said or implied that (0+ / 0-)

The NSA needs and requires vigorous court oversight to make sure no laws are broken.

But I'm mad at Congress and FISA for that. Not the NSA itself. Which is doing what it does.

by WinSmith on Wed Feb 18, 2015 at 07:49:50 AM PST

[ Parent ]

So no one taught them restraint? (2+ / 0-)

Recommended by:
Prognosticator, Little

Did no one teach them what the Constitution means?

Not the NSA itself. Which is doing what it does.
What mealy-mouthed bullshit.

"Counting on people having nowhere else to go is the logic of a slumlord."--Wolf10

by lunachickie on Wed Feb 18, 2015 at 08:58:43 AM PST

[ Parent ]

It's not just bizarre, it's depressing that here a (1+ / 0-)

Recommended by:
lunachickie

at DKos we have to put up with Dems saying crap like that.

Not the NSA itself. Which is doing what it does.
Does s/he think it's a machine? A pack of rabid doberman pinschers? Why does a person who can bring such thoughts from his/her mind become a member of a Dem community? What is the connection?

Here, have some pandas.

by Little on Wed Feb 18, 2015 at 12:44:15 PM PST

[ Parent ]

Hmmm (0+ / 0-)

Dems saying crap like that.
Dems.
Dems.

You know, I'm trying to see that, but it's just not coming through the filters...

"Counting on people having nowhere else to go is the logic of a slumlord."--Wolf10

by lunachickie on Wed Feb 18, 2015 at 07:22:15 PM PST

[ Parent ]

For fuck's sake. (3+ / 0-)

Recommended by:
mrkvica, lunachickie, Brecht

All of your points (which could be useful) could have been made without launching them so obnoxiously. If your purpose is to inform, why be such an asshat about it?

by pasadena beggar on Tue Feb 17, 2015 at 09:29:47 AM PST

[ Parent ]

After two years of NSA faux-scandals... (0+ / 0-)

I'm a little tired of the Snowden Crowd trying to whip up a frenzy of outrage that never spreads beyond their little corner and actively worked against any real effort at FISA court reform.

So now they all go to the movie theater and cheer "CitizenFour." Awards are handed out. And Glenn Greenwald cashes his grifter checks.

But NOTHING changed.

If anything, the manufactured hysteria got in the way of real reform.

These are the same people that claimed Al Gore was the same as George Bush and sung the praises of Ralph Nader. They are the enemy of real change and I will hold them in as much contempt as I hold the right wing. Purity tests get us nowhere. And, even worse, divide everyone long enough to let the crazies win.

by WinSmith on Wed Feb 18, 2015 at 05:13:53 PM PST

[ Parent ]

Was tempted to hide-rate, but then realized (13+ / 0-)

Recommended by:
corvo, blueoasis, cybrestrike, Bisbonian, Choco8, Betty Pinson, Pablo Bocanegra, Little, mrkvica, JVolvo, happymisanthropy, Don midwest, lunachickie

the example of willful blind stupidity posing as mockery was worth seeing as a form of inoculation.

My country goes dead making money.

by Jim P on Tue Feb 17, 2015 at 09:50:57 AM PST

[ Parent ]

Well said. (0+ / 0-)

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Thu Feb 19, 2015 at 04:52:20 PM PST

[ Parent ]

I would think someone with a username like your... (7+ / 0-)

Recommended by:
Betty Pinson, CTPatriot, Little, mrkvica, happymisanthropy, bobswern, Brecht

I would think someone with a username like yours would be more open to the idea that the potential to commit crimes leads inevitably to those crimes being committed, Winston.

by orwelldesign on Tue Feb 17, 2015 at 10:50:50 AM PST

[ Parent ]

It's part of the Orwellian Continuity (13+ / 0-)

Recommended by:
cybrestrike, Bisbonian, Betty Pinson, Pablo Bocanegra, protectspice, CTPatriot, mrkvica, JVolvo, happymisanthropy, bobswern, Don midwest, lunachickie, Brecht

Up is Down. Bad is Good. And Winston loves him some NSA.

by Choco8 on Tue Feb 17, 2015 at 10:59:55 AM PST

[ Parent ]

HR. Not going to suffer fools in an adult (3+ / 0-)

Recommended by:
Bisbonian, mrkvica, Brecht

conversation. If any feel that a HR is unjustified - then you have not had ample exposure to WinSmith's past with anything concerned with the NSA for the past year and a half. He can learn how to participate in a conversation or be summarily ignored.

We lost the Midterms. Wanna win next time? That means addressing Climate Change, Income Inequality and listening to the DFH part of the party who tends to be right about nearly everything but is universally ignored by the "Serious people".

by Tool on Tue Feb 17, 2015 at 11:41:51 AM PST

[ Parent ]
It's like the obvious undercover cop (5+ / 0-)

Recommended by:
Choco8, mrkvica, Johnny Q, JVolvo, happymisanthropy

in the Che Guevara shirt. 'I'm one of you guys, seriously'.

by protectspice on Tue Feb 17, 2015 at 01:45:56 PM PST

[ Parent ]

heh (1+ / 0-)

Recommended by:
Eyesbright

That was actually pretty good. I tip my sarcasm hat good sir. Nicely played.

As to the underlying issue of warrantless spying, I am a huge critic of the Bush rubber stamp era and of the feckless, toothless FISA court as it currently stands. That's the focus of my ire.

Not the NSA itself fpr trying to use digital technology to the best of their abilities. I might as well get mad at the army for training with guns instead of waffles.

by WinSmith on Tue Feb 17, 2015 at 03:49:33 PM PST

[ Parent ]

You might as well (0+ / 0-)

stomp your little blog-foot and whine some more about it.

Oh, wait...

"Counting on people having nowhere else to go is the logic of a slumlord."--Wolf10

by lunachickie on Wed Feb 18, 2015 at 09:03:45 AM PST

[ Parent ]

He's the Winston Smith (1+ / 0-)

Recommended by:
lunachickie

who has learned to love Big Brother.

... The Meritocrats!

by happymisanthropy on Tue Feb 17, 2015 at 06:28:19 PM PST

[ Parent ]

Calling the NSA "Big Brother" (0+ / 0-)

Is like calling Obama a "socialist."

You don't understand words, governments, or history.

by WinSmith on Wed Feb 18, 2015 at 07:54:42 AM PST

[ Parent ]

You're correct (0+ / 0-)

... but you're an asshole about it.

Foreign-intelligence gathering is in the mission statement. Some media personalities have tried to conflate foreign with domestic to spawn outrage in America, but it hasn't worked -- in fact, if anything, they've succeeded in numbing Americans.

by Sucker Politics on Tue Feb 17, 2015 at 09:45:37 PM PST

[ Parent ]

These personalities (0+ / 0-)

have unwittingly pulled off the best psy-op I've ever seen. Look at all those boiled frogs in America -- and maybe even around the world -- victims of a supposedly ingenious trickle strategy that hasn't at all lived up to the fanfare.

by Sucker Politics on Tue Feb 17, 2015 at 09:50:19 PM PST

[ Parent ]

It's not over yet, this (0+ / 0-)

um, psy-op. Until it is, nobody has "pulled off" anything.

Just sayin'...

"Counting on people having nowhere else to go is the logic of a slumlord."--Wolf10

by lunachickie on Wed Feb 18, 2015 at 09:11:02 AM PST

[ Parent ]

It's over (0+ / 0-)

Greenwald and his ilk are fighting to stay relevant.

Also, lest I give the wrong impression, I don't mean psy-op in the CT sense of a premeditated operation. This is what I'd call an emergent psy-op, something that just happens without any locked-chamber planning -- something that happens when self-patting "ingenious trickle strategists" fail to account for mass psychology.

by Sucker Politics on Thu Feb 19, 2015 at 06:30:13 PM PST

[ Parent ]

yes I do also. Was shut down here (23+ / 0-)

Recommended by:
Thumb, cslewis, Steven D, corvo, Simplify, stevemb, snoopydawg, Jim P, blueoasis, MJ via Chicago, shaharazade, cybrestrike, Johnny Q, freesia, Punditus Maximus, Travelin Man, bygorry, Betty Pinson, protectspice, CTPatriot, mrkvica, Demeter Rising, happymisanthropy

in Columbus OH people closely watched the election

when I brought it up on DK, was shut down

because, the system has to pretend that elections are legitimate

by Don midwest on Tue Feb 17, 2015 at 08:04:10 AM PST

[ Parent ]

If you can't talk about it, well, then (8+ / 0-)

Recommended by:
corvo, cybrestrike, Johnny Q, bygorry, Betty Pinson, mrkvica, Don midwest, Prognosticator

it must have never happened anyway ;)

"Counting on people having nowhere else to go is the logic of a slumlord."--Wolf10

by lunachickie on Tue Feb 17, 2015 at 09:32:32 AM PST

[ Parent ]
Now they (11+ / 0-)

Recommended by:
corvo, cybrestrike, Johnny Q, bygorry, Betty Pinson, CTPatriot, mrkvica, JVolvo, happymisanthropy, Don midwest, Prognosticator

don't even have to rely on messing with the ballots. They seem to have it covered from both ends. The owners of the place pick the candidates and we the people are allowed to ratify their choices. We get Goldman Sachs vs. Bain or Chase vs. the Koch bros. Even then we get a two fer. Makes it a lot less messy when they count the votes. No more debacles like FL with it's hanging chads, republican goon squads and supreme intervention. Citizen United and 'inevitable' candidates have made the outcomes a lot more reliable on the front end. Although this does not mean that they do not count on the unpredictable human voters to deliver whatever they deem an acceptable outcome. One way or another it's covered.

by shaharazade on Tue Feb 17, 2015 at 09:53:54 AM PST

[ Parent ]
The risible excuse being 'such talk dampens (12+ / 0-)

Recommended by:
corvo, Simplify, cybrestrike, Johnny Q, bygorry, Betty Pinson, protectspice, mrkvica, JVolvo, happymisanthropy, Don midwest, Prognosticator

turnout.' When the real problem with turnout is that people don't feel they are offered a meaningful choice. That we can't address either because: Hillary is inevitable; Hillary (who represents Republicanism with a Democratic Tag) will beat the Republican!

My country goes dead making money.

by Jim P on Tue Feb 17, 2015 at 09:54:38 AM PST

[ Parent ]

That's up to the corporate donors (3+ / 0-)

Recommended by:
mrkvica, Don midwest, Jim P

They'll be the final arbiters of which candidate is most likely to carry their agenda forward.

The rest of us are just window dressing.

A Right Without A Remedy Is No Right At All

by Betty Pinson on Tue Feb 17, 2015 at 01:00:31 PM PST

[ Parent ]

Yes, it does. (0+ / 0-)

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Thu Feb 19, 2015 at 04:53:20 PM PST

[ Parent ]

For those who understand information security (4+ / 0-)

Recommended by:
nchristine, mrkvica, Don midwest, Prognosticator

It is virtually impossible to make an electronic voting system secure. The reason is simple. The entire basis of information security is that you cannot perfectly secure anything but you can make it more trouble than it's worth, eg: you can make it cost more to hack than the expected value of whatever you are gaining.

Now, what is the expected value of the US Government complete with the US Military and it's stock of ICBM's?

by Snapple on Tue Feb 17, 2015 at 12:42:44 PM PST

[ Parent ]

by my calculation (2+ / 0-)

Recommended by:
Don midwest, Prognosticator

what is the expected value of the US Government complete with the US Military and it's stock of ICBM's?
it's enough to pay some dudes to count ballots by hand.

... The Meritocrats!

by happymisanthropy on Tue Feb 17, 2015 at 06:30:49 PM PST

[ Parent ]

On One Hand (0+ / 0-)

I don't entirely trust electronic voting. On the other, if rigging ballots electronically was so easy, why are Republicans trying to push through Voter ID laws and other suffrage restrictions?

by DarkScholar82 on Tue Feb 17, 2015 at 01:14:01 PM PST

[ Parent ]

So they don't have to pay the companies (2+ / 0-)

Recommended by:
Don midwest, Prognosticator

that do the coding on the voting machines hush money when they can 'legitimately' prevent people from voting.

My suncatchers - Kos Katalog

by nchristine on Tue Feb 17, 2015 at 01:25:12 PM PST

[ Parent ]

Correct. (0+ / 0-)

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Thu Feb 19, 2015 at 04:50:32 PM PST

[ Parent ]

Shittily done, dammit (0+ / 0-)

I read the original source information two days ago.
One, possibly" two vendors were at risk.
Out of dozens of drive vendors.

Really?! Hyperbole scores over facts?
I may very well block El reg from my network, if that bullshit continues.

Granted, it's bad for one or two HD vendors ending up compromise at a hardware level. But, it's not *all vendors or even a majority of vendors.
Hence, at current, it's a non-story.

by Wzrd1 on Wed Feb 18, 2015 at 12:45:21 PM PST

[ Parent ]

Wish I could say I am shocked (60+ / 0-)

Recommended by:
mimi, greenbird, ask, PeteZerria, Dallasdoc, Hillbilly Dem, Mosquito Pilot, xxdr zombiexx, NoMoreLies, corvo, basquebob, dewtx, ChemBob, stevemb, Tool, Brubs, Jim P, martini, cardboardurinal, slampros, blueoasis, MJ via Chicago, shaharazade, AllanTBG, la urracca, terabytes, dclawyer06, Shadowmage36, bobswern, Don midwest, CroneWit, triplepoint, BYw, cybrestrike, pvasileff, mkor7, Caerus, Johnny Q, freesia, Teiresias70, SouthernLiberalinMD, Joieau, a2nite, Mr Robert, lunachickie, FrY10cK, Bisbonian, jbob, eyo, HedwigKos, tampaedski, bill dog, Mrcynical, CTPatriot, wayoutinthestix, Alumbrados, mrkvica, JVolvo, Pale Jenova, happymisanthropy

or stunned
even surprised

Let's try sick. Yes, that one works.

Thank you, bobswern for another incredibly well done post.

As we express our gratitude, we must never forget that the highest appreciation is not to utter words, but to live by them. John F. Kennedy

by JaxDem on Tue Feb 17, 2015 at 03:26:16 AM PST

Bonus: easy to watch Congress. (23+ / 0-)

Recommended by:
k9disc, kharma, Mosquito Pilot, corvo, dewtx, stevemb, martini, MJ via Chicago, StrayCat, shaharazade, la urracca, Shadowmage36, bobswern, Don midwest, JaxDem, BYw, cybrestrike, J M F, Johnny Q, eyo, CTPatriot, JVolvo, Pale Jenova

And deny that anyone was, during the time the CI-NS-A was watching the Intelligence Committee, anyone was actively "breaking in."

No facts lie behind this supposition.

Thump! Bang. Whack-boing. It's dub!

by dadadata on Tue Feb 17, 2015 at 04:24:13 AM PST

[ Parent ]

From the Kaspersky report this is not (44+ / 0-)

Recommended by:
Bob Love, i dont get it, G2geek, la urracca, NYFM, bobswern, dclawyer06, nextstep, BYw, Wee Mama, HedwigKos, FG, Knockbally, rodentrancher, Hannibal, nchristine, WinSmith, white blitz, Inland, Shadowmage36, sunbro, middleagedhousewife, phenry, MJ via Chicago, chrswlf, stevemb, highacidity, J M F, Simian, catwho, Mr Robert, JayBat, Fogiv, Keninoakland, Losty, AllanTBG, cville townie, Peace Missile, Smoh, Glen The Plumber, skohayes, Alumbrados, JVolvo, liamcdg

firmware installed when the drive is manufactured. It is firmware that the NSA can install after the fact, on targeted drives.

There is no suggestion that drive manufacturers are involved or are cooperating in any way.

There is no suggestion that, if you buy a brand new PC or disk drive, it is infected.

by Elwood Dowd on Tue Feb 17, 2015 at 03:42:38 AM PST

Where do I infer, "suggest" or report that... (24+ / 0-)

Recommended by:
mimi, kharma, corvo, dewtx, stevemb, Jim P, cardboardurinal, blueoasis, shaharazade, terabytes, Shadowmage36, dconrad, Don midwest, CroneWit, cybrestrike, Just Bob, Johnny Q, gem56, jbob, eyo, cville townie, CTPatriot, JVolvo, happymisanthropy

There is no suggestion that drive manufacturers are involved or are cooperating in any way?
There is no suggestion that, if you buy a brand new PC or disk drive, it is infected?

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 03:45:24 AM PST

[ Parent ]

There have been previous reports... (33+ / 0-)

Recommended by:
kharma, JayBat, corvo, dewtx, ChemBob, stevemb, Jim P, cardboardurinal, blueoasis, MJ via Chicago, shaharazade, AllanTBG, OHdog, terabytes, Shadowmage36, Don midwest, CroneWit, BYw, rodentrancher, cybrestrike, J M F, Just Bob, Caerus, Johnny Q, Joieau, gem56, jbob, eyo, cville townie, CTPatriot, mrkvica, JVolvo, Eyesbright

...regarding interdiction of computers/hard drives, mid-shipment, where the government has intervened. But, that's not directly-related to what's being reported here. Indirectly, yes, it's related. Directly, no.

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 03:47:49 AM PST

[ Parent ]

So, hard-drive firmware as shipped hasn't (4+ / 0-)

Recommended by:
bobswern, mrkvica, Ender, happymisanthropy

been compromised yet by the NSA. So most hard drives aren't affected, unless they have been used on a system with the NSA's malware.

But the NSA may have had access to the source code, methods of installing the firmware, and possibly even signing keys through another social-legal backdoor:

It is not clear how the NSA may have obtained the hard drives' source code. Western Digital spokesman Steve Shattuck said the company "has not provided its source code to government agencies." The other hard drive makers would not say if they had shared their source code with the NSA....
According to former intelligence operatives, the NSA has multiple ways of obtaining source code from tech companies, including asking directly and posing as a software developer. If a company wants to sell products to the Pentagon or another sensitive U.S. agency, the government can request a security audit to make sure the source code is safe.

"They don't admit it, but they do say, 'We're going to do an evaluation, we need the source code,'" said Vincent Liu, a partner at security consulting firm Bishop Fox and former NSA analyst. "It's usually the NSA doing the evaluation, and it's a pretty small leap to say they're going to keep that source code."

"Give us what we want, and you can sell to the DoD. You want to sell to the DoD, right?"

Don't hate the player, hate the meritocracy.

by cville townie on Tue Feb 17, 2015 at 01:32:53 PM PST

[ Parent ]

I didn't accuse you of implying anything. (23+ / 0-)

Recommended by:
Bob Love, G2geek, bobswern, mconvente, rodentrancher, jbob, mimi, middleagedhousewife, phenry, MJ via Chicago, stevemb, highacidity, Simian, Mr Robert, cardboardurinal, JayBat, Fogiv, dconrad, cville townie, Smoh, Glen The Plumber, skohayes, mrkvica

It's possible to read the diary that way, though - I did at first - and I wanted to make it clear.

by Elwood Dowd on Tue Feb 17, 2015 at 03:49:11 AM PST

[ Parent ]

Thanks for clarification... (13+ / 0-)

Recommended by:
Don midwest, eyo, ozsea1, corvo, jbob, shaharazade, dewtx, gooderservice, stevemb, J M F, Mr Robert, mrkvica, JVolvo

...but a somewhat substantial read of the source material does make this very clear, per your own comments (too).

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 03:52:28 AM PST

[ Parent ]

I guess it's your title. (17+ / 0-)

Recommended by:
G2geek, NYFM, mconvente, Catskill Julie, Hannibal, lineatus, middleagedhousewife, Inland, phenry, stevemb, highacidity, JayBat, Fogiv, Simplify, cville townie, Smoh, Glen The Plumber

"Hacking of virtually all hard drive firmware."

True in that virtually all hard drive firmware is vulnerable.

NOT true in that only some machines have been hacked.

by Elwood Dowd on Tue Feb 17, 2015 at 03:54:09 AM PST

[ Parent ]

There's a lot more to NSA's... (31+ / 0-)

Recommended by:
Cassandra77, PeteZerria, kharma, corvo, dewtx, pasadena beggar, stevemb, Jim P, Medium Head Boy, blueoasis, MJ via Chicago, StrayCat, gooderservice, shaharazade, AllanTBG, terabytes, Shadowmage36, Don midwest, CroneWit, BYw, cybrestrike, J M F, gulfgal98, Johnny Q, gem56, eyo, Pablo Bocanegra, cville townie, CTPatriot, JVolvo, happymisanthropy

...extremely aggressive hacking--and this story, in general--than just what's covered in the title. As you indicate, the title's accurate. Virtually all types of hard drive firmware have been hacked, and on a very large scale with extremely advanced, devious malware put in place, in this country, too; contrary to the NY Times' story, I might reiterate.

The story's quite clear regarding the numbers of computers involved.

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 03:58:15 AM PST

[ Parent ]
It is absolutely implied (8+ / 0-)

Recommended by:
lineatus, WinSmith, phenry, stevemb, highacidity, Susan G in MN, middleagedhousewife, Smoh

by mere mention of ANY specific hardware manufacturer, that it is a hardware specific hack. It isn't, and so any mention of hardware makers should be removed from the article as it just sows confusion. Elwood Dowd's comment indicates this implication is easily made. I mean really, if "every hard drive on the planet" is vulnerable then why bother to name names? It's an unfair knock on each and every one of those companies- unless you mean to implicate them.

by NYFM on Tue Feb 17, 2015 at 05:00:21 AM PST

[ Parent ]

I'm sorry, but I'd beg to differ with you... (25+ / 0-)

Recommended by:
mimi, PeteZerria, mosesfreeman, tle, corvo, basquebob, dewtx, stevemb, Medium Head Boy, blueoasis, MJ via Chicago, StrayCat, gooderservice, shaharazade, Don midwest, CroneWit, cybrestrike, Just Bob, Johnny Q, ozsea1, gem56, eyo, bill dog, CTPatriot, JVolvo

...and, I'd even go as far as to say that: a.) our government doesn't care whether these I.T./hardware/software/telecom co's are willing to comply, or not, since circumvention is pretty much a piece of cake for the NSA; and, b.) the situation is, by definition of today's news, universal (it's all hardware manufacturers, in this instance), without respect to the cooperation of these companies, as well.

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 05:10:05 AM PST

[ Parent ]
Firmware hacks, by their very nature, are hardware (11+ / 0-)

Recommended by:
k9disc, eyo, kharma, Don midwest, MJ via Chicago, phenry, stevemb, Garrett, NYFM, bobswern, middleagedhousewife

specific.

You have watched Faux News, now lose 2d10 SAN.

by Throw The Bums Out on Tue Feb 17, 2015 at 06:36:34 AM PST

[ Parent ]

Absolutely they are. (5+ / 0-)

Recommended by:
stevemb, highacidity, NYFM, Smoh, middleagedhousewife

But do you believe that everyone who reads this diary is going to come away with a reasonable understanding of that fact?

by phenry on Tue Feb 17, 2015 at 08:55:56 AM PST

[ Parent ]

In reality, while each individual hack is hardware (4+ / 0-)

Recommended by:
nchristine, corvo, jrooth, happymisanthropy

specific if you have enough of them then for all practical purposes it is generic.

Just think of what the NSA has/does as Metasploit for hard drive firmware hacks.

You have watched Faux News, now lose 2d10 SAN.

by Throw The Bums Out on Tue Feb 17, 2015 at 09:22:47 AM PST

[ Parent ]
All hard-drive FIRMWARE isn't all hard-drives n/t (2+ / 0-)

Recommended by:
corvo, Johnny Q

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 10:42:47 AM PST

[ Parent ]

exactly (7+ / 0-)

Recommended by:
serendipityisabitch, phenry, NYFM, Paulie200, Peace Missile, jdsnebraska, liamcdg

That's like saying every human on earth is vulnerable to being shot in the head so OMG WE'RE ALL DEAD!!!

by WinSmith on Tue Feb 17, 2015 at 07:23:13 AM PST

[ Parent ]

Nonsense n/t (6+ / 0-)

Recommended by:
corvo, blueoasis, Evil Betty, cybrestrike, Johnny Q, JVolvo

"Counting on people having nowhere else to go is the logic of a slumlord."--Wolf10

by lunachickie on Tue Feb 17, 2015 at 09:33:46 AM PST

[ Parent ]
No, it's like saying the NSA has a master key t... (8+ / 0-)

Recommended by:
cybrestrike, Johnny Q, Choco8, Little, mrkvica, Nada Lemming, JVolvo, happymisanthropy

No, it's like saying the NSA has a master key to the lock of almost every front door of almost every house almost everywhere.
They may not have entered your house. You're laughing because we won't trust total strangers we've never met that they won't because trust.
You are a fool, a troll, or both. I'm putting my cash on both.

by Occulus on Tue Feb 17, 2015 at 10:06:48 AM PST

[ Parent ]

Yes. nt (1+ / 0-)

Recommended by:
happymisanthropy

Here, have some pandas.

by Little on Tue Feb 17, 2015 at 01:53:41 PM PST

[ Parent ]
I'm neither (2+ / 0-)

Recommended by:
Eyesbright, liamcdg

I just believe billion dollar spy agencies are going to spy with every tool they have.

It is imperative on us to create a robust judicial check on that power to ensure Constitutional protections for American citizens.

The toothless FISA court is a joke and needs reform. But we've known that since 2006.

The Snowden/Greenwald hysteria machine seems to think the NSA shouldn't filter/monitor internet data. Why? Because feefees!!

Sorry bub.

This is the modern world.

We need major court oversight of all digital spying. But to demand that spying stop? You people are living in fantasy land.

by WinSmith on Tue Feb 17, 2015 at 03:43:18 PM PST

[ Parent ]

The title suggests it. That was certainly my (16+ / 0-)

Recommended by:
Flying Goat, juliesie, mconvente, FG, lineatus, middleagedhousewife, native, serendipityisabitch, phenry, highacidity, Mr Robert, sunbro, NYFM, Smoh, Glen The Plumber, Elwood Dowd

impression until reading the diary.

Is it true? Is it kind? Is it necessary? . . . and respect the dignity of every human being.

by Wee Mama on Tue Feb 17, 2015 at 05:21:33 AM PST

[ Parent ]

Bobswern's titles always have the flair (10+ / 0-)

Recommended by:
artmartin, serendipityisabitch, phenry, radv005, Inland, Quabbin, NYFM, sunbro, Smoh, liamcdg

for the dramatic, especially when they relate to government spying. Then you get in and find that it's not quite "the government is collecting all your pixels."

"Moon landing was real. Evolution exists. Tax cuts lose revenue. The research has shown this a thousand times. Enough already." - Austan Goolsbee

by anonevent on Tue Feb 17, 2015 at 06:27:19 AM PST

[ Parent ]

Yes, Bob Swern does have a flair. (22+ / 0-)

Recommended by:
cslewis, kharma, Occulus, corvo, run around, basquebob, stevemb, Tool, snoopydawg, cardboardurinal, blueoasis, MJ via Chicago, bobswern, TexasTwister, cybrestrike, Losty, Johnny Q, Choco8, Pablo Bocanegra, mrkvica, JVolvo, happymisanthropy

He catches your attention to read important stories.

Bob Swern also has a flair for reporting the truth. Unfortunately, some people hate the truth being told depending on who's in charge of what is being exposed.

Bobswern's titles always have the flair for the dramatic, especially when they relate to government spying. Then you get in and find that it's not quite "the government is collecting all your pixels."

Dallasdoc: "Snowden is the natural successor to Osama bin Laden as the most consequential person in the world, as his actions have the potential to undo those taken in response to Osama."

by gooderservice on Tue Feb 17, 2015 at 07:40:16 AM PST

[ Parent ]

Yeah..."it's always something..." (9+ / 0-)

Recommended by:
Tool, cybrestrike, shoreline1, protectspice, gooderservice, mrkvica, Johnny Q, JVolvo, Eyesbright

...in this case: The usual suspects here deliberately conflating "all hard-drive FIRMWARE" with "all hard-drives." You should see the DKos' Facebook comments on this: "It's a Russian company. Therefore, it can't be true!" [Paraphrasing.] Anything to detract from the gist and credibility of this story. No matter what it takes! And, deliberately ignoring: NYT propaganda, and Reuters FULLY confirming this story with two NSA sources. (But, somehow, folks ignore this. Go figure?)

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 11:27:37 AM PST

[ Parent ]

Wikipedia says: (7+ / 0-)

Recommended by:
bobswern, gooderservice, mrkvica, Ender, JVolvo, happymisanthropy, Eyesbright

Mark Shuttleworth, founder of the Ubuntu Linux distribution, has described proprietary firmware as a security risk,[10] saying that "firmware on your device is the NSA's best friend" and calling firmware "a trojan horse of monumental proportions". He has pointed out that low-quality, closed source firmware is a major threat to system security:[11] "Your biggest mistake is to assume that the NSA is the only institution abusing this position of trust – in fact, it's reasonable to assume that all firmware is a cesspool of insecurity, courtesy of incompetence of the highest degree from manufacturers, and competence of the highest degree from a very wide range of such agencies".

As a solution to this problem, he has called for declarative firmware.[11] Firmware should be open source so that the code can be checked and verified; it should also be declarative, meaning that it should describe "hardware linkage and dependencies" and "should not include executable code".[11]

The above is the quote, I'll get up to speed on doing it better later. Hope I'm not duplicating

I've been looking for posts from "Anonymous" members, but just can't tell.

"Just because your head is pointed doesn't mean you're sharp." ~My Mom~

by shoreline1 on Tue Feb 17, 2015 at 01:22:11 PM PST

[ Parent ]

Excellent comment! Thank you! n/t (4+ / 0-)

Recommended by:
shoreline1, gooderservice, JVolvo, Eyesbright

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 01:30:01 PM PST

[ Parent ]

"The usual suspects here deliberately conflating" (3+ / 0-)

Recommended by:
Johnny Q, happymisanthropy, bobswern

Those people I call members trolling your diary. If they weren't here trolling the diary, I'd worry that they're sick or have some personal issues (not mental) that they're dealing with, i.e., just lost their job, or a family member is sick.

Dallasdoc: "Snowden is the natural successor to Osama bin Laden as the most consequential person in the world, as his actions have the potential to undo those taken in response to Osama."

by gooderservice on Tue Feb 17, 2015 at 03:30:36 PM PST

[ Parent ]

that's because the actual NEWS is dramatic (11+ / 0-)

Recommended by:
corvo, stevemb, Tool, Jim P, blueoasis, cybrestrike, Johnny Q, bobswern, mrkvica, JVolvo, Eyesbright

This is a big deal - literally, given the scope and implications.

"Tell the truth and run." -- Yugoslav proverb

by quill on Tue Feb 17, 2015 at 08:06:28 AM PST

[ Parent ]
Oh, gosh-darn that writer whose titles (9+ / 0-)

Recommended by:
corvo, blueoasis, cybrestrike, Johnny Q, mrkvica, JVolvo, happymisanthropy, bobswern, Eyesbright

grab you and make you read an article.

Oh, for fuck's sake, where are my smelling salts?

"Counting on people having nowhere else to go is the logic of a slumlord."--Wolf10

by lunachickie on Tue Feb 17, 2015 at 09:34:39 AM PST

[ Parent ]
"Dramatic" is today's winning euphemism! (3+ / 0-)

Recommended by:
phenry, sunbro, Smoh

eom

I was going to write a diary, but the Front Page distracted me. I also swallowed my gum while tripping.

by Inland on Tue Feb 17, 2015 at 09:37:36 AM PST

[ Parent ]

is there any indication this is being done to... (19+ / 0-)

Recommended by:
Bob Love, Don midwest, eyo, WI Lurker, middleagedhousewife, ghotiphaze, artmartin, native, bill dog, CroneWit, phenry, Fogiv, Mr Robert, NYFM, BvueDem, dconrad, Simplify, davewill, sunbro

.. US persons as that term is normally understood in the US intelligence community?

And if so, would anyone here hazard a guess as to how many US persons were targeted, either altogether or in a typical year?

"Let" = "make." Inaction is action. In Taoist terms, "not-doing is doing."

by G2geek on Tue Feb 17, 2015 at 04:33:51 AM PST

[ Parent ]

And who do you ask? The CIA flacks that lied to (34+ / 0-)

Recommended by:
mollyd, kharma, Hillbilly Dem, mosesfreeman, corvo, Simplify, dewtx, stevemb, snoopydawg, Jim P, Medium Head Boy, cardboardurinal, blueoasis, MJ via Chicago, StrayCat, gooderservice, shaharazade, AllanTBG, Don midwest, cybrestrike, J M F, Losty, Johnny Q, DRo, 420 forever, Mr Robert, gem56, eyo, Fishtroller01, Pablo Bocanegra, Little, mrkvica, JVolvo, happymisanthropy

Congress. lied to media, lied to American public time after time? More than ever people should realize what a hero Ed Snowden is to initially alert us to the malicious and anti-democratic NSA actions and ratified here.

Life is just a bowl of Cherries, that stain your hands and clothes and have pits that break your teeth.

by OHdog on Tue Feb 17, 2015 at 05:07:34 AM PST

[ Parent ]

Because, it makes a difference (7+ / 0-)

Recommended by:
WI Lurker, WinSmith, phenry, Fogiv, sunbro, NYFM, G2geek

There is no world where one country does not spy on another, and while I would like to live in that world, until other countries stop and aren't trying to do bad things (left vague on purpose), I want my government knowing what they are doing. In the age of cyberattacks, I want my govenrment being able to figure out what other governments are going to do.

"Moon landing was real. Evolution exists. Tax cuts lose revenue. The research has shown this a thousand times. Enough already." - Austan Goolsbee

by anonevent on Tue Feb 17, 2015 at 06:29:43 AM PST

[ Parent ]

NSA does not have to spy on 7 billion people to (9+ / 0-)

Recommended by:
eyo, corvo, native, stevemb, cardboardurinal, blueoasis, mrkvica, JVolvo, happymisanthropy

do what you want them to do.

Life is just a bowl of Cherries, that stain your hands and clothes and have pits that break your teeth.

by OHdog on Tue Feb 17, 2015 at 07:04:50 AM PST

[ Parent ]

The NSA isn't spying on 7 billion people (7+ / 0-)

Recommended by:
phenry, Paulie200, shoreline1, sunbro, NYFM, G2geek, middleagedhousewife

They're developing the technological means to target spy on some of those people.

Why anyone finds this either newsworthy or interesting is amazing to me.

What exactly does this diary tell you that you didn't know? That spy agencies like to spy?

OMFG!!

Next thing you know, you'll tell me doctors are working on cures for major diseases!!

by WinSmith on Tue Feb 17, 2015 at 07:25:31 AM PST

[ Parent ]

They're developing the technological means (14+ / 0-)

Recommended by:
corvo, pasadena beggar, stevemb, snoopydawg, blueoasis, OHdog, dconrad, cybrestrike, nchristine, Johnny Q, Mr Robert, mrkvica, JVolvo, happymisanthropy

to spy on anyone the want to spy on, bar none. There is no legal framework in place to limit the extent of their surveillance, or to limit what it is being used for. These technologies can, and in fact are being used as offensive weapons -- as well as being used for defensive "cures".

by native on Tue Feb 17, 2015 at 08:54:15 AM PST

[ Parent ]

everything you said also applies to... (1+ / 0-)

Recommended by:
Unduna

... Google and Facebook.

Go to eff.org and look up "local stored objects" and "persistent cookies" and the like.

And if anything, the goal is more insidious: not to capture the proverbial enemies of the state, but to "nudge" the masses this way and that way, subverting their free will.

"Let" = "make." Inaction is action. In Taoist terms, "not-doing is doing."

by G2geek on Tue Feb 17, 2015 at 04:42:01 PM PST

[ Parent ]

WinSmith Logic (4+ / 0-)

Recommended by:
run around, blueoasis, OHdog, cybrestrike

By his own argument, WinSmith would be forced to side with someone with multiple convictions for domestic violence and public brawling who objected to the tyrannical gummit trying to take away his guns.

On the Internet, nobody knows if you're a dog... but everybody knows if you're a jackass.

by stevemb on Tue Feb 17, 2015 at 09:19:36 AM PST

[ Parent ]
Then you've forgotten the telephone, email, etc (10+ / 0-)

Recommended by:
Occulus, corvo, blueoasis, cybrestrike, Johnny Q, Mr Robert, Choco8, Nada Lemming, JVolvo, happymisanthropy

spying widely reported and confirmed previously. Everything is being scooped up. This harddrive hacking is just one route to getting everyone's data. It's a bit silly, if not just plain non compos mentis , to pretend it's the only route of spying at this late date, given the established realities.

Maybe you'd be better off sticking to slanders of Snowden or Greenwald.

My country goes dead making money.

by Jim P on Tue Feb 17, 2015 at 10:02:30 AM PST

[ Parent ]

NSA doesn't spy on 7 billion people. (2+ / 0-)

Recommended by:
happymisanthropy, BvueDem

Google and Facebook each spy on about 1 billion.

NSA can't keep up with that (but they don't have to, they have Google and Facebook doing it for them).

"Let" = "make." Inaction is action. In Taoist terms, "not-doing is doing."

by G2geek on Tue Feb 17, 2015 at 04:38:57 PM PST

[ Parent ]

They don't have a good track record so far. (14+ / 0-)

Recommended by:
kharma, corvo, stevemb, cardboardurinal, blueoasis, MJ via Chicago, dconrad, Don midwest, cybrestrike, Johnny Q, Mr Robert, mrkvica, JVolvo, happymisanthropy

I want my government knowing what they are doing. In the age of cyberattacks, I want my govenrment being able to figure out what other governments are going to do.

Dallasdoc: "Snowden is the natural successor to Osama bin Laden as the most consequential person in the world, as his actions have the potential to undo those taken in response to Osama."

by gooderservice on Tue Feb 17, 2015 at 07:41:11 AM PST

[ Parent ]
I want my government agency (0+ / 0-)

tasked with ensuring the security of communications, to be CLOSING security holes, instead of enlarging them and exploiting them.

... The Meritocrats!

by happymisanthropy on Tue Feb 17, 2015 at 06:40:12 PM PST

[ Parent ]

Dr Evil with a pinky raised (7+ / 0-)

Recommended by:
DRo, corvo, shaharazade, Greyhound, stevemb, blueoasis, happymisanthropy

Hackers steal up to $1 billion from banks

Alternative:
Free Software, Free Society

Peace

by eyo on Tue Feb 17, 2015 at 05:09:05 AM PST

[ Parent ]
There's mention of being installed on PCs (4+ / 0-)

Recommended by:
Don midwest, stevemb, blueoasis, happymisanthropy

without an internet connection via USB. You can't really infer the location of a PC with no internet connection (I suppose you could use the regional settings (language and timezone), but those aren't exactly reliable.

by Flying Goat on Tue Feb 17, 2015 at 05:33:57 AM PST

[ Parent ]

Being a technodunce (4+ / 0-)

Recommended by:
bill dog, stevemb, blueoasis, G2geek

If these allegations are true (no reason not to believe, but does anyone give 100% credence to anything out of Russia?), I can easily see any machine with wifi/bluetooth capabilities pinging a nearby phone to upload what the program wants. I believe all phones locatable.

Then again, I'm a paranoid bastard.

Just another non-conformist like everyone else,

by ghotiphaze on Tue Feb 17, 2015 at 07:30:42 AM PST

[ Parent ]

That's true, though the very act of (2+ / 0-)

Recommended by:
G2geek, ghotiphaze

telling the NSA that there's a computer that's been hijacked is in fact spying, and they'd have to contact a remote server to reliably figure out where you are (Though admittedly, it doesn't have to be NSA - I suppose they could ask Google where you are or something...But does anyone seriously think they have any precautions here?).

You could argue that the act of checking your location before uploading more data isn't too intrusive, but the privacy team for the software I work on as part of my job would certainly have something to say about it.

by Flying Goat on Tue Feb 17, 2015 at 04:26:30 PM PST

[ Parent ]

According to that map, there are some in the US. (6+ / 0-)

Recommended by:
gooderservice, corvo, MJ via Chicago, stevemb, J M F, happymisanthropy

But, really, of course the NSA has targeted at least some people in the US. They can target anyone they want to with this tech. I don't think it really matters 'if' any longer, but a matter of 'when'.

My suncatchers - Kos Katalog

by nchristine on Tue Feb 17, 2015 at 07:20:34 AM PST

[ Parent ]
US persons targeted per Wired (18+ / 0-)

Recommended by:
corvo, stevemb, cardboardurinal, dconrad, BvueDem, cybrestrike, J M F, nchristine, Losty, Punditus Maximus, Pablo Bocanegra, bobswern, Glen The Plumber, G2geek, mrkvica, Demeter Rising, JVolvo, Teiresias70

Wired doesn't try to guess numbers/year, but does confirm 'US persons' targeted.

Victims
Kaspersky has found 500 victims in some 30 countries infected with EquationLaser, EquationDrug and GrayFish components. But having been active for more than a decade, it’s likely the spy tools have infected tens of thousands of systems. Each time a machine is infected, the malware places a timestamp in the victim’s registry along with a counter that increases with each victim. Based on counters found on victim machines, the victims appear to increase at a rate of about 2,000 a month.

The largest number of victims have been targeted in Iran, but there are also victims in Russia, Afghanistan, Pakistan, Belgium, Germany, Sudan, Lebanon, the Palestinian Territories, the United States and the UK. They include military, government and diplomatic targets, as well as telecoms, nuclear research facilities and individuals, Islamic activists and scholars, the media, and those working on nanotechnology and encryption technologies. Victims found in the U.S. and UK are all Islamic activists or scholars, Raiu says, some with known extremist leanings.

http://www.wired.com/...

by CroneWit on Tue Feb 17, 2015 at 08:07:52 AM PST

[ Parent ]

Oops, I omitted blockqute for Wired text (12+ / 0-)

Recommended by:
Paulie200, decitect, corvo, stevemb, cardboardurinal, dconrad, BvueDem, cybrestrike, Pablo Bocanegra, bobswern, G2geek, JVolvo

In the comment above ( http://www.dailykos.com/... )

I omitted the blockquote around Wire'd text. Everything from the bold 'Victims' on down is a quote from Wired.com (link provided above).

Sorry. Under-caffeinated.

by CroneWit on Tue Feb 17, 2015 at 08:11:25 AM PST

[ Parent ]
so, 500 here, and 2000 there. (1+ / 0-)

Recommended by:
CroneWit

If 2,000 a month continues, that's 24,000 per year, worldwide.

That's a piddling drop in the bucket compared to Google and Facebook.

Facebook has 1 billion user accounts, and watches everything their users do on the internet.

At the rate NSA is going, they'll catch up in about 41,000 years.

"Let" = "make." Inaction is action. In Taoist terms, "not-doing is doing."

by G2geek on Tue Feb 17, 2015 at 04:47:12 PM PST

[ Parent ]

Uh yes. (5+ / 0-)

Recommended by:
Pablo Bocanegra, bobswern, PJEvans, JVolvo, happymisanthropy

The Kapersky report itself says that it is being done within US borders to two groups of individuals:

- Islamic Scholars
- Persons Unknown

Now, it is possible that all those targets are not US citizens but I'd at least call that "any indication". I think the entire history of the NSA is also "any indication". They have never shown any hesitation at spying on US citizens for reasons ranging from valid security to prurient interest. All three branches of the US government support them on this point.

Kerpersky identifes the US as "low infection rate".

by Snapple on Tue Feb 17, 2015 at 01:01:23 PM PST

[ Parent ]

and probably a third group (0+ / 0-)

people who send encrypted email.

... The Meritocrats!

by happymisanthropy on Tue Feb 17, 2015 at 06:44:48 PM PST

[ Parent ]

Shhh... (2+ / 0-)

Recommended by:
sunbro, phenry

Elwood you're getting in the way of a faux civil libertarian freakout, man! Why you harshin' the conspiracy mellow?

by WinSmith on Tue Feb 17, 2015 at 07:21:52 AM PST

[ Parent ]

You're so edgy, man. (0+ / 0-)

But you seem a bit...obsessed with the topic.

by GoGoGoEverton on Tue Feb 17, 2015 at 11:19:26 AM PST

[ Parent ]
Yes, I don't know why everyone here is so happy (0+ / 0-)

that Kaspersky put this out there about something that's been going on for 14 years.

I'd be much happier to see a breakthrough about what spying Russia and China are doing worldwide. I'd rather their spy secrets be out there for the world to see.

This revelation is not going to make anyone in the USA better off than they were before the revelation, but it gives Putin and China the opportunity to waive around all sorts of stupid propaganda about how their totalitarian regimes are superior to the USA.

And Chinese and Russian propaganda just stinks to high heaven. It reeks more than anything on this Earth. I'm sorry, but it's true.

-4.75, -5.33 Cheney 10/05/04: "I have not suggested there is a connection between Iraq and 9/11."

by sunbro on Tue Feb 17, 2015 at 02:13:48 PM PST

[ Parent ]

Unfortunately, this is what always happens (9+ / 0-)

Recommended by:
eyo, Glen The Plumber, highacidity, Fogiv, middleagedhousewife, NYFM, FG, sunbro, Paulie200

with these NSA stories. A revelation is made concerning a very technical development that most people don't have the background to understand. Because everyone's a bit jumpy about computer security all the time now, people only pay attention to the most dramatic-sounding part of the story, and may never even notice the part that actually explains what's happened and puts it into context. And so invariably the only thing that people remember is that THE NSA HAS PWNED EVERY HARD DRIVE EVER MADE OMG RUN RUN RUN.

I don't want to single out any specific person here for propagating these misunderstandings; unfortunately, it's damn near a universal phenomenon. But I write about computer security for a living, and I understand how hard it is to present information about malware, exploits, etc. without giving people the wrong impression. And I just wish I could make everyone else understand how hard it is too. Maybe that would mean fewer misunderstandings in the future.

by phenry on Tue Feb 17, 2015 at 08:40:31 AM PST

[ Parent ]

The problem is that they can do it and have done (3+ / 0-)

Recommended by:
Mr Robert, happymisanthropy, kharma

so without oversite for decades. The fact that this can be done with little effort is also a problem. Just because you can doesn't mean you should.

My suncatchers - Kos Katalog

by nchristine on Tue Feb 17, 2015 at 08:58:46 AM PST

[ Parent ]
Phenery Logic (4+ / 1-)

Recommended by:
Pablo Bocanegra, cville townie, happymisanthropy, kharma

Hidden by:
GoGoGoEverton

In addition to joining WinSmith in siding with someone with multiple convictions for domestic violence and public brawling who objected to the tyrannical gummit trying to take away his guns (see above), phenery would defend him in the wake of the shooting spree by pointing out that he had left most of the population alive and well.

On the Internet, nobody knows if you're a dog... but everybody knows if you're a jackass.

by stevemb on Tue Feb 17, 2015 at 09:23:36 AM PST

[ Parent ]
I don't think any tech understanding is needed: (0+ / 0-)

bob's title is clearly false as long as one reads the diary. The problem isn't the complexity, the problem is a false statement that will be the takeaway of anyone who doesn't read the fine print in the diary.

I was going to write a diary, but the Front Page distracted me. I also swallowed my gum while tripping.

by Inland on Tue Feb 17, 2015 at 09:42:46 AM PST

[ Parent ]

What's false? (10+ / 0-)

Recommended by:
corvo, dconrad, cybrestrike, Johnny Q, bobswern, mrkvica, JVolvo, Pale Jenova, happymisanthropy, kharma

Kaspersky established that they have exploits for all major hard drive manufacturers, and these exploits have been deployed in at least several dozen countries all over the world.

And reading between the lines, it's highly likely this is how they've installed persistent compromises in routers (including backbone routers) which is something the Snowden docs told us they have done but not how they did it. That again supports the "worldwide" characterization.

"With all this manure around, there has to be a pony somewhere!" - Count Piotr Vorkosigan

by jrooth on Tue Feb 17, 2015 at 10:09:28 AM PST

[ Parent ]

The present tense combinded with "all" (1+ / 0-)

Recommended by:
Fogiv

That's why you change it to a method that could be deployed, rather than a hacking of all firmware.

I was going to write a diary, but the Front Page distracted me. I also swallowed my gum while tripping.

by Inland on Tue Feb 17, 2015 at 10:33:41 AM PST

[ Parent ]

Not false, exactly, but incredibly disingenuous (4+ / 0-)

Recommended by:
Fogiv, Glen The Plumber, sunbro, middleagedhousewife

"Kaspersky Exposes NSA’s Worldwide, Backdoor Hacking of Virtually All Hard-Drive Firmware" can be read as being technically true, in that the report does say that a group tied to the NSA has developed firmware exploits for hard drives made by most of the world's major hard drive manufacturers, and the development of such exploits could fairly be characterized as "hacking." But the diarist damn well knows that people are going to read that as "THE NSA HAS HACKED EVERY HARD DRIVE IN THE WORLD ZOMG" and the comments in this diary prove exactly that.

by phenry on Tue Feb 17, 2015 at 10:15:34 AM PST

[ Parent ]

"The comments in the diary prove that" is right (0+ / 0-)

Fact is, the diary is drafted to misinform people who trust bob and don't read the diary with an eye to fine print.

I was going to write a diary, but the Front Page distracted me. I also swallowed my gum while tripping.

by Inland on Tue Feb 17, 2015 at 10:36:34 AM PST

[ Parent ]
All hard-drive FIRMWARE is NOT all hard-drives n/t (9+ / 0-)

Recommended by:
Occulus, dconrad, cybrestrike, Johnny Q, Little, mrkvica, JVolvo, Don midwest, kharma

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 10:43:35 AM PST

[ Parent ]
So, clearly you're worried people might assume (5+ / 0-)

Recommended by:
cybrestrike, nchristine, Little, mrkvica, kharma

the NSA might be spying on them, and this public lack of trust in the oversight of NSA capabilities seems to be an issue that bothers you.

So you're here to make multiple comments to make sure people don't misunderstand.

Does that sum up your purpose here?

And your assumptions seems to be you're one of the few who understands the news story.

If you took the most ardent revolutionary, vested him in absolute power, within a year he would be worse than the Tsar himself. - Mikhail Bakunin

by ZhenRen on Tue Feb 17, 2015 at 11:22:05 AM PST

[ Parent ]
Question: How does NSA get to all this stuff (0+ / 0-)

which people buy but which is made in China? It would seem sensible that if anyone is in a position to bind almost every computer, the country who could is the one where most of it is manufactured these days, a country with no love for the US or Russia either.

by Christy1947 on Tue Feb 17, 2015 at 03:17:48 PM PST

[ Parent ]

Yeah, see (1+ / 0-)

Recommended by:
kharma

part of the NSA's job is to ensure the security of communications, and closing security holes that the Chinese might be exploiting would seem to be a necessary step; but doing so would slightly inconvenience the agency's spying wing, so the gaping holes remain.

... The Meritocrats!

by happymisanthropy on Tue Feb 17, 2015 at 06:51:42 PM PST

[ Parent ]

I understand enough to wonder (2+ / 0-)

Recommended by:
mrkvica, kharma

why the hell US foreign policy is so cack handed if they have universal access? I guess if you dropped the Encyclopaedia Britannica in the middle of a patch of slime mould, the intelligence of the slime mould wouldn't go up much.

Geologically, there's not so much to worry about; biologically, on the other hand, we have a situation. Randy Malamud

by northsylvania on Tue Feb 17, 2015 at 02:11:11 PM PST

[ Parent ]
I owe you an apology, phenry (0+ / 0-)

Back in 2013 when this saga started, I considered you terribly annoying, dismissive, even naive, and I think I may have made comments to that effect.

But now I completely agree with you. Almost two years later, nothing in these revelations has lived up to the FUD, at least not on the domestic front. That hasn't stopped the media personalities, whether by design or by sheer cluelessness, conflating foreign activity with domestic activity -- and spreading technical howlers even on the foreign front.

by Sucker Politics on Tue Feb 17, 2015 at 10:03:55 PM PST

[ Parent ]

Clearly, you haven't been paying close... (2+ / 0-)

Recommended by:
DeadHead, kharma

...enough attention if you've come to this conclusion...

...Almost two years later, nothing in these revelations has lived up to the FUD, at least not on the domestic front...

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 10:20:46 PM PST

[ Parent ]

Dunno, bob... (0+ / 0-)

Given all the hysteria, by now I would've expected, at the very least, shockers in the form of a list of blackmailed officials or a PowerPoint slide showing how all Americans' voice calls are being recorded and archived.

(Now, people may counter, why would things of that nature be on a PowerPoint slide. And to that I say, with a needling smile, exactly, grasshopper, exactly.)

So much for "the best is yet to come." Doesn't seem very urgent, all things considered.

by Sucker Politics on Tue Feb 17, 2015 at 10:35:47 PM PST

[ Parent ]

Your screen name's ironic, since... (0+ / 0-)

...CLEARLY, you're a bigtime advocate for sucker politics.

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Wed Feb 18, 2015 at 09:29:52 AM PST

[ Parent ]

Moral: Sometimes First Impressions Are Correct (0+ / 0-)

Back in 2013 when this saga started, I considered you terribly annoying, dismissive, even naive, and I think I may have made comments to that effect.

On the Internet, nobody knows if you're a dog... but everybody knows if you're a jackass.

by stevemb on Thu Feb 19, 2015 at 05:33:34 PM PST

[ Parent ]

But why assume that? (0+ / 0-)

The easiest way for this to work is to force the manufacturers to include certain code into their products.

We've certainly heard about this in connection with operating systems.

Given that it's easy, and the NSA and other agencies have the necessary leverage to force a company to comply, it's actually the most likely way this got done.

To be on the wrong side of Dick Cheney is to be on the right side of history.

by mbayrob on Tue Feb 17, 2015 at 10:50:00 AM PST

[ Parent ]

The Kaspersky report (1+ / 0-)

Recommended by:
bobswern

specifies the process that they have uncovered. And it involves infecting the hard drives after manufacture.

by Elwood Dowd on Tue Feb 17, 2015 at 07:11:27 PM PST

[ Parent ]

Not to mention (0+ / 0-)

The fact they have to do all this song-and-dance bullshit, in particular the postal interception, is a sign that the manufacturers aren't blanket-backdooring products or even cooperating in any tangible way.

by Sucker Politics on Tue Feb 17, 2015 at 09:55:24 PM PST

[ Parent ]

Did you even bother to read the three... (1+ / 0-)

Recommended by:
DeadHead

...stories and the report associated with this diary? If you did, you wouldn't be making the statements you are now!

For starters, there is documented evidence of domestic surveillance in this program, contrary to your statements in these threads.

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 10:22:11 PM PST

[ Parent ]

Definition: 'Airgap' (49+ / 0-)

Recommended by:
native, Wee Mama, mrblifil, i dont get it, NYFM, xxdr zombiexx, G2geek, democracy inaction, corvo, dewtx, ChemBob, stevemb, martini, blueoasis, gooderservice, shaharazade, AllanTBG, HeartlandLiberal, terabytes, dclawyer06, DWG, bobswern, Don midwest, CroneWit, JaxDem, BYw, cybrestrike, J M F, aufklaerer, nchristine, Leftcandid, gulfgal98, samanthab, Teiresias70, DRo, quill, Punditus Maximus, GoGoGoEverton, gem56, eyo, bill dog, Betty Pinson, cville townie, CTPatriot, Just Bob, Alumbrados, mrkvica, Demeter Rising, JVolvo

Airgap is techspeak for running your machine while not attached to the internet at all - never attaching it to the internet - a security strategy said to assure that your particular "offline" box is at the pinnacle of possible cybersecurity.

I've been teaching airgap mechanics for years - so much for a that . . .

As far as socioeconomic theory, I am Marxist.

by thenekkidtruth on Tue Feb 17, 2015 at 03:54:43 AM PST

The air gap must still be bridged (20+ / 0-)

Recommended by:
Bob Love, highacidity, NYFM, Simplify, dewtx, lao hong han, thenekkidtruth, shaharazade, terabytes, mconvente, cybrestrike, J M F, nchristine, Miggles, quill, Betty Pinson, middleagedhousewife, Alumbrados, mrkvica, happymisanthropy

By someone physically plugging in a USB drive. Sounds like a good reason not to outsource the IT guys.

by Norm in Chicago on Tue Feb 17, 2015 at 04:26:39 AM PST

[ Parent ]

Unfortunately, you can't avoid that flashdrive (21+ / 0-)

Recommended by:
Wee Mama, kharma, dewtx, blueoasis, gooderservice, lao hong han, terabytes, Don midwest, CroneWit, cybrestrike, nchristine, quill, eyo, Demeter Rising, WI Lurker, Betty Pinson, cville townie, CTPatriot, Alumbrados, mrkvica, JVolvo

If you've got any machine that demands the latest security patches, it's going to be your most security-mandated airgap boxes.

Without the internet, of course, the only way to perform this operation is to manually install those patches by means of a flashdrive. And yes, those machines should never be touched by - let alone be even identified to - outside subcontractors.

As far as socioeconomic theory, I am Marxist.

by thenekkidtruth on Tue Feb 17, 2015 at 04:34:33 AM PST

[ Parent ]

you CAN avoid the flashdrive (3+ / 0-)

Recommended by:
stevemb, cville townie, happymisanthropy

1. write-protect the flash drive
2. burn patches / updates to CD / DVD

think, people. there are ways.

by dopeyo on Tue Feb 17, 2015 at 04:56:40 AM PST

[ Parent ]

There's *no way* that machine will have (11+ / 0-)

Recommended by:
terabytes, corvo, eyo, mimi, dewtx, gooderservice, CroneWit, quill, stevemb, CTPatriot, Just Bob

an optical media drive attached. That would be a massive vulnerability on a highly secure airbox. Think like a security expert.

As far as socioeconomic theory, I am Marxist.

by thenekkidtruth on Tue Feb 17, 2015 at 05:53:38 AM PST

[ Parent ]

how that more vulnerable (7+ / 0-)

Recommended by:
thenekkidtruth, skrekk, stevemb, quill, Simplify, cville townie, happymisanthropy

than a usb port?

Gondwana has always been at war with Laurasia.

by AaronInSanDiego on Tue Feb 17, 2015 at 07:14:08 AM PST

[ Parent ]

Good question (9+ / 0-)

Recommended by:
AaronInSanDiego, corvo, CroneWit, Demeter Rising, stevemb, quill, Simplify, cville townie, mrkvica

Since USB is a smart port, it can be completely controlled by Active Directory group policy objects (GPOs).

You can, for instance, specify that the port itself needs a particular Admin level passcode to even turn it on - otherwise, it's disabled. Then you can mandate that any flash device be passcode protected, and even specify the elevation level necessary to deploy a flash device (usually, of course, Administrator level). Now you're down to maybe 2-3 people who can even use a USB port on that secure airbox.

Your level of choices with an optical drive are more limited than this. Your best shot is to simply hardware disable it through the operating system, but if you're going to do that, then, why implement one at all? Best security practice clearly dictates that you simply leave this device off the system.

As far as socioeconomic theory, I am Marxist.

by thenekkidtruth on Tue Feb 17, 2015 at 07:28:25 AM PST

[ Parent ]

I would think there are ways (4+ / 0-)

Recommended by:
skrekk, stevemb, cville townie, mrkvica

to have similar functionality with an optical drive, maybe not using the same methods. Besides, if you're concerned about someone copying information rather than inserting malware, you can get a read-only drive.

Not sure whether this is relevant.

Gondwana has always been at war with Laurasia.

by AaronInSanDiego on Tue Feb 17, 2015 at 07:35:53 AM PST

[ Parent ]
Well, you could attach (0+ / 0-)

a USB DVD drive, reflash known good firmware to it on another airgap machine just to be safe, and use optical media in that, instead of a flash drive which could be compromised at any point data was interchanged.

Or you could have qualified admins and a controlled procedure for any time the optical drive was used; the threat model here isn't the same (unknown worm on flash stick, vs. insider threat prevented by GPOs).

Don't hate the player, hate the meritocracy.

by cville townie on Tue Feb 17, 2015 at 01:48:55 PM PST

[ Parent ]

also, CD/DVD still vulnerable to MIM attacks (5+ / 0-)

Recommended by:
corvo, stevemb, thenekkidtruth, Simplify, cville townie

as revealed in the OP.

So what to do now?

How about this: a NFC link on the secure PC to a portable storage device running as an encrypted file server?

"Tell the truth and run." -- Yugoslav proverb

by quill on Tue Feb 17, 2015 at 08:19:33 AM PST

[ Parent ]

but the DVD (1+ / 0-)

Recommended by:
quill

can't erase itself, so there's at least evidence of the crime.

... The Meritocrats!

by happymisanthropy on Tue Feb 17, 2015 at 06:54:31 PM PST

[ Parent ]

But DVD drives boot and so can be exploited (0+ / 0-)

The challenge is to provide a storage device for data transfer that's secure. USB/CD/DVD are all bootable devices and so can be exploited by zero day hacks. It also doesn't help to have the evidence because it's unlikely to be detected if the attack is successful.

I'm not a security expert, but it seems to me a better bet is to use a storage device that can't boot on the target PC, and interfaced using a standard network protocol with good security. The NFC interface would prevent wireless eavesdropping and hacking and would have no wired exploitable connection. Just a thought anyway...

"Tell the truth and run." -- Yugoslav proverb

by quill on Tue Feb 17, 2015 at 09:36:51 PM PST

[ Parent ]

USB is far more vulnerable than optical drives (2+ / 0-)

Recommended by:
cville townie, happymisanthropy

On USB and on optical drives you can turn autorun off, but on USB it doesn't do any good because of DMA flaws:

Hacking Computers over USB — Schneier on Security

La majestueuse égalité des lois, qui interdit au riche comme au pauvre de coucher sous les ponts, de mendier dans les rues, et de voler du pain.

by dconrad on Tue Feb 17, 2015 at 12:07:48 PM PST

[ Parent ]

can't you use CDs? (2+ / 0-)

Recommended by:
stevemb, cville townie

Not completely safe, but maybe safer than the flash drive?

Gondwana has always been at war with Laurasia.

by AaronInSanDiego on Tue Feb 17, 2015 at 07:12:38 AM PST

[ Parent ]
If you don't allow any media past the air gap (3+ / 0-)

Recommended by:
dconrad, cville townie, happymisanthropy

why would you need to update with a security patch?

by Keninoakland on Tue Feb 17, 2015 at 10:43:53 AM PST

[ Parent ]

They showed a nuclear missile launch station (0+ / 0-)

on PBS the other day, they were still running software off of 8 inch floppies.

... The Meritocrats!

by happymisanthropy on Tue Feb 17, 2015 at 06:56:00 PM PST

[ Parent ]

Been saying that for years (14+ / 0-)

Recommended by:
raboof, thenekkidtruth, terabytes, mconvente, Catskill Julie, eyo, nchristine, dewtx, Norm in Chicago, middleagedhousewife, stevemb, highacidity, J M F, blueoasis

Mumbai or Bejing are not where I'd outsource my mission critical code.

"The development of your own character involves participation." -- Rhett Power

by Zadatz on Tue Feb 17, 2015 at 04:37:00 AM PST

[ Parent ]
Ok, (15+ / 0-)

Recommended by:
kharma, Hillbilly Dem, dewtx, stevemb, gooderservice, thenekkidtruth, shaharazade, CroneWit, cybrestrike, SouthernLiberalinMD, eyo, cville townie, Just Bob, mrkvica, JVolvo

break it down for me, in idiotese.

The hardware in a usb drive can, alone, compromise an "airgapped" computer?

shake well

by dclawyer06 on Tue Feb 17, 2015 at 05:02:48 AM PST

[ Parent ]

Yes (20+ / 0-)

Recommended by:
kharma, dewtx, stevemb, gooderservice, lao hong han, thenekkidtruth, terabytes, dclawyer06, dconrad, CroneWit, cybrestrike, J M F, Norm in Chicago, ozsea1, eyo, cville townie, Just Bob, mrkvica, JVolvo, happymisanthropy

A computer not connected to the internet is vulnerable if a compromised USB drive is connected to it.

by tampaedski on Tue Feb 17, 2015 at 05:09:20 AM PST

[ Parent ]
Yes. Not to mention if it uses firewire then it (8+ / 0-)

Recommended by:
stevemb, thenekkidtruth, dclawyer06, dconrad, cybrestrike, nchristine, eyo, cville townie

is possible to write to any location in RAM even if you use something fancy like selinux to prevent that.

Do you know what DMA is and how it can be used to totally compromise a system?

You have watched Faux News, now lose 2d10 SAN.

by Throw The Bums Out on Tue Feb 17, 2015 at 06:38:21 AM PST

[ Parent ]

Or Thunderbolt. nt (1+ / 0-)

Recommended by:
dclawyer06

Don't hate the player, hate the meritocracy.

by cville townie on Tue Feb 17, 2015 at 01:41:46 PM PST

[ Parent ]

Not a hardware-to-hardware thing.... (16+ / 0-)

Recommended by:
raboof, kharma, Occulus, pasadena beggar, stevemb, linkage, TexasTwister, cybrestrike, nchristine, Demeter Rising, Betty Pinson, cville townie, mrkvica, JVolvo, dclawyer06, Teiresias70

(If anyone wants to dig into the technical details, here's a representative sample: a designer's reference for a USB thumb drive based on a chipset manufactured by Freescale. (23-page PDF))

There's a lot going on when you connect a USB device to your computer. The 50,000-foot view won't really cut it, but I'll try not to go too far into the high weeds. I'm going to talk about three things - device drivers, firmware, and physical connectivity.

Device drivers are part of the operating system of your computer. Their purpose is to act as the "go-between" and handle the exchange of data between the operating system and the device in question. They can be generic (for instance, Windows has a basic "VGA display" device driver that will "talk to" any monitor that handles VGA signals) or specific (I can't use the special nifty features of my LCD big-screen monitor unless I install its proprietary device driver in Windows).

Firmware, on the other hand, sits on the device itself. It acts as a "go-between" as well, but with a different perspective; it handles the interaction between the actual hardware and the device driver. In most cases, it also manages the low-level operations of the device.

Physical connectivity is exactly that - how does the device physically "plug in"? In the case of USB, this is all defined by the Universal Serial Bus specification (which is 300+ pages in length). That spec defines everything from what the connector looks like to what signals go over which lines to how fast signals can be exchanged. Both the operating system's device driver and the attached device's firmware have to be able to "talk to" the hardware specification.

So, when you plug a USB drive into a computer, here's a high-level view of what happens:

* The USB device powers up
* The USB device "announces itself" to the USB port (hub) of the computer and tells it what kind of device is attached
* The USB hub tells the operating system "Hey, I have a new device, vendor code is XXXX, product code is YYYY"
* The operating systems checks to see if it has a device driver that can talk to the new device; if so, it loads the device driver and starts talking
* The device driver determines how the operating system will "see" the device. If it's a storage device, it will ask the OS to mount it as a disk (e.g. in Windows, "give it a drive letter and treat it like a disk"); if it's something else, different steps will be taken (i.e. "it's a webcam - set up for video signaling")
* Meanwhile, the firmware on the device is handling the signals/commands/whatever coming in from the PC. This includes everything from the raw USB signaling going back and forth to the device-specific stuff like "oh, the OS wants to read this file; I have to go read data from this part of flash memory" or "the OS wants to use the webcam - route the input from the camera out the USB connection to the PC".

Some of this firmware is built into specific chips; for instance, a USB controller chip has the firmware to handle standard USB signaling. Some of the firmware is truly device-specific; for instance, there are USB drives that "present themselves" to the OS as multiple devices. (SanDisk's old U3 USB devices showed up in Windows as both a mass storage device AND a read-only CD-ROM device.)

So, we actually have a fairly lengthy chain of "actors" in this picture, all governed by some combination of device driver(s) and firmware. Well, wherever there are device drivers and firmware, there are security vulnerabilities. Once we start talking to the operating system at the device-driver level, there are all sorts of possible attacks. For instance, let's say that I know of a vulnerability in the default CD-ROM device driver for Windows; I could have the firmware on my USB stick "announce itself" as a CD-ROM device, allow the OS to apply that default CD-ROM driver, then conduct an attack against it through that vulnerability.

So, we're back to software - very low-level software, but software nonetheless.

The word "parent" is supposed to be a VERB, people... Follow @wesmorgan1

by wesmorgan1 on Tue Feb 17, 2015 at 07:40:35 AM PST

[ Parent ]
That's how they got Stuxnet (10+ / 0-)

Recommended by:
highacidity, corvo, Simplify, stevemb, thenekkidtruth, dconrad, cybrestrike, JVolvo, happymisanthropy, dclawyer06

into the isolated computers at nuclear facilities - came in thumb drive plugged into the control unit workstation.

Eh?

by Joieau on Tue Feb 17, 2015 at 08:21:02 AM PST

[ Parent ]

Thanks for all the info, guys and gals... (0+ / 0-)

I was busy earlier but have since read into this story. Hopefully new hard drive manufacturers pop up with open source coding and drive Seagate, Western Digital(?), etc out of business.

Hell, i wanna send mine back and get a f'ing refund.

shake well

by dclawyer06 on Wed Feb 18, 2015 at 05:19:15 AM PST

[ Parent ]

According to the article (8+ / 0-)

Recommended by:
kharma, stevemb, thenekkidtruth, CroneWit, cybrestrike, DRo, eyo, Betty Pinson

they are able to infect the firmware via radio signals from a briefcase.

Intelligent Designer Laments Lapse in Intelligence

by mrblifil on Tue Feb 17, 2015 at 06:48:01 AM PST

[ Parent ]

But to do that (0+ / 0-)

they have to have planted a receiver bug in the target computer beforehand. (From what I remember of the Snowden revelations.)

Government and laws are the agreement we all make to secure everyone's freedom.

by Simplify on Tue Feb 17, 2015 at 12:08:58 PM PST

[ Parent ]

This is what bin Laden was doing to evade spying. (19+ / 0-)

Recommended by:
Wee Mama, mrblifil, PeteZerria, kharma, NYFM, dewtx, blueoasis, gooderservice, thenekkidtruth, shaharazade, terabytes, cybrestrike, samanthab, Johnny Q, ozsea1, Betty Pinson, cville townie, Alumbrados, JVolvo

Running his terror network off thumb drives.

(Yes, grossly over-simplified - Its a comment, not a dissertation.)

You can give a 9 yo Girl an Uzi but you can't make pot brownies for adults.

[41984 | Feb 4, 2005]

by xxdr zombiexx on Tue Feb 17, 2015 at 05:04:48 AM PST

[ Parent ]

Porn stash too (8+ / 0-)

Recommended by:
kharma, xxdr zombiexx, corvo, stevemb, middleagedhousewife, cybrestrike, Mr Robert, Pale Jenova

So we are told...

Intelligent Designer Laments Lapse in Intelligence

by mrblifil on Tue Feb 17, 2015 at 06:48:43 AM PST

[ Parent ]

I will never know if that was true (6+ / 0-)

Recommended by:
kharma, cybrestrike, nchristine, Johnny Q, mrkvica, JVolvo

or character assassination by the CIA.

You can give a 9 yo Girl an Uzi but you can't make pot brownies for adults.

[41984 | Feb 4, 2005]

by xxdr zombiexx on Tue Feb 17, 2015 at 06:59:24 AM PST

[ Parent ]

Nobody ever will (3+ / 0-)

Recommended by:
kharma, corvo, cybrestrike

Intelligent Designer Laments Lapse in Intelligence

by mrblifil on Tue Feb 17, 2015 at 07:24:10 AM PST

[ Parent ]

Lake Tahoe Firefighter (0+ / 0-)

Chico man arrested on federal child porn charge
An affidavit filed by FBI special agent Glenn G. Norling details the evidence in the investigation and states that when Wygant was interviewed Thursday, he admitted to surreptitiously placing a cellphone camera in a bathroom to record a nude minor victim for his sexual gratification and that he had purchased “spy cameras” online to record additional videos.

Wygant allegedly possessed a flash drive containing more than 5,000 images of child pornography along with more than 50 video files that depicted children nude and engaged in sexual intercourse and other sexual acts, the affidavit states. The allegations include possession and production of child pornography material depicting several girls, ranging from 4 to 13 years old at the time of filming.

Several of the videos appear to be of a known female minor, who has met with South Lake Tahoe police detectives, according to the affidavit. She would have been about 12 years old in 2011, when the videos are believed to have been made.

My invisible imaginary friend is the "true" creator

by Mr Robert on Tue Feb 17, 2015 at 10:44:23 AM PST

[ Parent ]

I'm a little pissed about this as well. (1+ / 0-)

Recommended by:
thenekkidtruth

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Thu Feb 19, 2015 at 04:55:44 PM PST

[ Parent ]

Excellent diary, even by your standards (27+ / 0-)

Recommended by:
pundit, kharma, Dallasdoc, Hillbilly Dem, xxdr zombiexx, corvo, ChemBob, stevemb, blueoasis, gooderservice, shaharazade, dclawyer06, DWG, dconrad, bobswern, Don midwest, CroneWit, mconvente, BYw, cybrestrike, Johnny Q, DRo, Mr Robert, gem56, eyo, JVolvo, happymisanthropy

I find this stuff just appalling. The NSA is nothing but a gang of cyber criminals.

by quince on Tue Feb 17, 2015 at 04:20:49 AM PST
Your tax dollars at work. (47+ / 0-)

Recommended by:
raboof, kharma, Dallasdoc, Hillbilly Dem, Mosquito Pilot, xxdr zombiexx, decitect, corvo, dewtx, ChemBob, stevemb, Hannibal, Medium Head Boy, blueoasis, StrayCat, gooderservice, NearlyNormal, shaharazade, AllanTBG, dclawyer06, dconrad, bobswern, CroneWit, mconvente, BYw, cybrestrike, nchristine, mkor7, Losty, T Maysle, Johnny Q, Teiresias70, DRo, Flying Goat, 420 forever, Mr Robert, Free Jazz at High Noon, eyo, leeleedee, tampaedski, bill dog, Betty Pinson, Pablo Bocanegra, protectspice, Alumbrados, mrkvica, JVolvo

"Nope. Can't afford to fix them bridges."

Thump! Bang. Whack-boing. It's dub!

by dadadata on Tue Feb 17, 2015 at 04:21:56 AM PST

Infrastructure is terrorism. (21+ / 0-)

Recommended by:
kharma, Hillbilly Dem, dewtx, ChemBob, stevemb, blueoasis, NearlyNormal, shaharazade, cybrestrike, Losty, T Maysle, Johnny Q, 420 forever, Mr Robert, tampaedski, Betty Pinson, Alumbrados, mrkvica, JVolvo, dadadata, happymisanthropy

You can give a 9 yo Girl an Uzi but you can't make pot brownies for adults.

[41984 | Feb 4, 2005]

by xxdr zombiexx on Tue Feb 17, 2015 at 04:56:04 AM PST

[ Parent ]

Unless it can return a 6,000% profit (2+ / 0-)

Recommended by:
mrkvica, Johnny Q

for everyone's campaign donors.

A Right Without A Remedy Is No Right At All

by Betty Pinson on Tue Feb 17, 2015 at 01:08:10 PM PST

[ Parent ]

We are so screwed!! (21+ / 0-)

Recommended by:
Shockwave, kharma, Hillbilly Dem, xxdr zombiexx, corvo, dewtx, ChemBob, stevemb, blueoasis, shaharazade, dclawyer06, bobswern, cybrestrike, samanthab, Mr Robert, eyo, Fishtroller01, bygorry, cville townie, Alumbrados, JVolvo

Welcome to 1984 everyone! George Orwell had no idea.

“Journalism is printing what someone else does not want printed: everything else is public relations.” - George Orwell

by reflectionsv37 on Tue Feb 17, 2015 at 04:23:37 AM PST

Remember Winston's TV, the one that gave him (28+ / 0-)

Recommended by:
Shockwave, kharma, white blitz, Hillbilly Dem, decitect, dewtx, ChemBob, reflectionsv37, stevemb, martini, blueoasis, StrayCat, lao hong han, shaharazade, terabytes, cybrestrike, samanthab, annominous, DRo, eyo, cville townie, protectspice, Just Bob, Alumbrados, mrkvica, Johnny Q, JVolvo, happymisanthropy

orders?

Orwell never imagined people would claw and scratch their way to a sale to buy the damned things themselves.....

WATCH IT: It's watching you as you WATCH IT (Your Samsung telly is)

You can give a 9 yo Girl an Uzi but you can't make pot brownies for adults.

[41984 | Feb 4, 2005]

by xxdr zombiexx on Tue Feb 17, 2015 at 04:59:12 AM PST

[ Parent ]

ziinnngggg! (6+ / 0-)

Recommended by:
xxdr zombiexx, StrayCat, eyo, shaharazade, dewtx, stevemb

by lao hong han on Tue Feb 17, 2015 at 05:48:56 AM PST

[ Parent ]

DITTO Use it! (4+ / 0-)

Recommended by:
Free Jazz at High Noon, stevemb, rja, cville townie

Stand On Zanzibar 1968
SCANALYZE MY NAME

READ THE DIRECTIONS
[...]
(DITTO Use it! The mental process involved is exactly analogous to the bandwidth-saving technique employed for your phone. If you’ve seen the scene you’ve seen the scene and there’s too much new information for you to waste time looking it over more than once. Use “ditto”. Use it!
—The Hipcrime Vocab by Chad C. Mulligan)
Peace
Peace

by eyo on Tue Feb 17, 2015 at 07:31:34 AM PST

[ Parent ]

Those who Love Big Brother do (3+ / 0-)

Recommended by:
happymisanthropy, eyo, Don midwest

Government and laws are the agreement we all make to secure everyone's freedom.

by Simplify on Tue Feb 17, 2015 at 12:09:44 PM PST

[ Parent ]

Ok, so we've just republished a (14+ / 0-)

Recommended by:
Bob Love, bobswern, Walt starr, shrike, FG, Catskill Julie, WI Lurker, sunbro, phenry, chrswlf, Fogiv, middleagedhousewife, fb, Susan G in MN

huge break into our nation's cyberintelligence capabilities. I Read the whole diary and missed mention of domestic use. I kept looking for the diary to say 'and this is bad because' or 'and the reason this is important to be discovered and leaked is because' but I didn't see that, either.

by GoGoGoEverton on Tue Feb 17, 2015 at 04:27:00 AM PST

Did you look at the map? (8+ / 0-)

Recommended by:
corvo, shaharazade, kharma, stevemb, Betty Pinson, Pablo Bocanegra, Little, JVolvo

Did you look at the map?

by Mosquito Pilot on Tue Feb 17, 2015 at 04:32:25 AM PST

[ Parent ]

It was grainy when zoomed but I believe it says (3+ / 0-)

Recommended by:
bobswern, WI Lurker, sunbro

the victims here are 'unknown' and 'Islamic Scholars.' Can you confirm?

by GoGoGoEverton on Tue Feb 17, 2015 at 04:39:39 AM PST

[ Parent ]

"Victims" (targets) in U.S. are Islamic Scholars.. (41+ / 0-)

Recommended by:
k9disc, kharma, white blitz, Hillbilly Dem, mosesfreeman, corvo, basquebob, dewtx, ChemBob, stevemb, Medium Head Boy, blueoasis, StrayCat, gooderservice, lao hong han, shaharazade, dconrad, Don midwest, CroneWit, JaxDem, BYw, rodentrancher, cybrestrike, Johnny Q, ozsea1, quill, 420 forever, gem56, jbob, eyo, Demeter Rising, bill dog, Betty Pinson, Pablo Bocanegra, cville townie, Little, wayoutinthestix, mrkvica, DeadHead, JVolvo, happymisanthropy

...and "OTHERS." (Think criminals, social activists, etc.)

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 04:48:18 AM PST

[ Parent ]

KXL protestors, Occupy protestors (45+ / 0-)

Recommended by:
El Zmuenga, k9disc, manneckdesign, kharma, Hillbilly Dem, basquebob, dewtx, ChemBob, stevemb, Medium Head Boy, blueoasis, StrayCat, gooderservice, shaharazade, dconrad, bobswern, Don midwest, fb, mconvente, BYw, rodentrancher, cybrestrike, mkor7, Johnny Q, ozsea1, Teiresias70, DRo, quill, 420 forever, Mr Robert, gem56, jbob, quince, eyo, Demeter Rising, bill dog, Betty Pinson, Pablo Bocanegra, cville townie, Little, wayoutinthestix, Alumbrados, DeadHead, JVolvo, happymisanthropy

other protestors.

You can give a 9 yo Girl an Uzi but you can't make pot brownies for adults.

[41984 | Feb 4, 2005]

by xxdr zombiexx on Tue Feb 17, 2015 at 05:00:13 AM PST

[ Parent ]

We'll just assume that. (2+ / 0-)

Recommended by:
sunbro, Fogiv

by GoGoGoEverton on Tue Feb 17, 2015 at 05:09:12 AM PST

[ Parent ]

They aren't spying on you (21+ / 0-)

Recommended by:
El Zmuenga, kharma, decitect, basquebob, stevemb, blueoasis, shaharazade, dconrad, zorp, cybrestrike, Johnny Q, ozsea1, quill, Mr Robert, Demeter Rising, Pablo Bocanegra, cville townie, Alumbrados, DeadHead, JVolvo, happymisanthropy

because it would be so irritating.

You can give a 9 yo Girl an Uzi but you can't make pot brownies for adults.

[41984 | Feb 4, 2005]

by xxdr zombiexx on Tue Feb 17, 2015 at 05:37:14 AM PST

[ Parent ]

I should blog about weed a lot. (1+ / 0-)

Recommended by:
phenry

And compare smoking weed to every other societal ill constantly instead. That would make it far better ;)

by GoGoGoEverton on Tue Feb 17, 2015 at 05:48:27 AM PST

[ Parent ]

It would give you something to write about. (15+ / 0-)

Recommended by:
El Zmuenga, kharma, Occulus, Hillbilly Dem, basquebob, stevemb, blueoasis, zorp, Don midwest, cybrestrike, Mr Robert, bill dog, DeadHead, JVolvo, eyo

You can give a 9 yo Girl an Uzi but you can't make pot brownies for adults.

[41984 | Feb 4, 2005]

by xxdr zombiexx on Tue Feb 17, 2015 at 06:23:26 AM PST

[ Parent ]
Imitation and flattery? (3+ / 0-)

Recommended by:
mrkvica, DeadHead, Johnny Q

Here...... get busy.

Link -> http://www.rawstory.com/...

Title -> Here are 4 ways cannabis is good for your brain — and may save your life

An excerpt :

#4 – Cannabis promotes new brain cell growth
Government scare campaigns often claim that cannabis kills brain cells, but now we are learning the truth. Those discredited studies were done in the ’70s, by strapping a gas mask onto a monkey and pumping in hundreds of joints worth of smoke. The monkeys suffered from lack of oxygen, and that’s why their brain cells died.

Modern research is now proving the opposite. The active ingredients in cannabis spur the growth of new brain cells!

What you would do with this little paragraph is note that the study they reference was done by Carlton Turner, buddy of Ronald Reagan and those studies were done at Columbia University.
You would go on to note that the studies were SO discredited Turner actually left the country and went to Reefer Mad France.

And you would note it is Turner who turned Reagan on to piss testing, savaging the 4th Amendment for generations of Americans.

More links about turner -> https://www.google.com/...

As smart as you are, this should be pretty damned good.

You can give a 9 yo Girl an Uzi but you can't make pot brownies for adults.

[41984 | Feb 4, 2005]

by xxdr zombiexx on Tue Feb 17, 2015 at 03:34:02 PM PST

[ Parent ]

Nah, we'll just assume that the Establishment (17+ / 0-)

Recommended by:
El Zmuenga, kharma, xxdr zombiexx, corvo, stevemb, blueoasis, gooderservice, dconrad, CroneWit, cybrestrike, nchristine, Johnny Q, eyo, Pablo Bocanegra, mrkvica, JVolvo, happymisanthropy

is lying when they label protestors and activists "terrorists".

Democracy - 1 person 1 vote. Free Markets - More dollars more power.

by k9disc on Tue Feb 17, 2015 at 06:56:56 AM PST

[ Parent ]

What protesters have been labeled terrorists? (2+ / 0-)

Recommended by:
Fogiv, sunbro

And by whom?

by phenry on Tue Feb 17, 2015 at 08:43:56 AM PST

[ Parent ]

Haven't Been Paying Attention, Have You? (14+ / 0-)

Recommended by:
El Zmuenga, xxdr zombiexx, corvo, run around, dconrad, cybrestrike, Johnny Q, DeadHead, quince, Pablo Bocanegra, mrkvica, JVolvo, happymisanthropy, bobswern

Anti-Terrorism Law Used to Have Americans Protesting Keystone XL Pipeline Arrested
A demonstration against Devon Energy and the company’s role in fracking and tar sands mining, including the Keystone XL pipeline, ended with four individuals being placed under arrest last week. Two of them were arrested by police on the basis that they had violated an Oklahoma anti-terrorism law prohibiting "terrorism hoaxes."

It is strongly suspected that this happened as a result of advice that TransCanada has been giving local law enforcement in states, where protests against the Keystone XL pipeline have been taking place. They have been meeting with law enforcement and suggesting how terrorism laws could be applied to stop citizens from protesting the corporation’s activities....

On the Internet, nobody knows if you're a dog... but everybody knows if you're a jackass.

by stevemb on Tue Feb 17, 2015 at 09:28:47 AM PST

[ Parent ]

Okay, so "Oklahoma," then. (1+ / 0-)

Recommended by:
Fogiv

Would not have been my first guess at who constitutes "the Establishment."

I also did not know that the state of Oklahoma runs the NSA.

by phenry on Tue Feb 17, 2015 at 09:32:59 AM PST

[ Parent ]

The Goalposts Are Climbing Over The Stands! nt (14+ / 0-)

Recommended by:
xxdr zombiexx, jrooth, corvo, run around, Simplify, dconrad, cybrestrike, Johnny Q, Pablo Bocanegra, k9disc, mrkvica, Demeter Rising, JVolvo, happymisanthropy

On the Internet, nobody knows if you're a dog... but everybody knows if you're a jackass.

by stevemb on Tue Feb 17, 2015 at 09:43:15 AM PST

[ Parent ]

The goalposts were gone when I got here, Officer (0+ / 0-)

I believe the implication being made here is that because the state of Oklahoma used an anti-terrorism law to arrest protesters, therefore the federal government must be spying on protesters. To me this makes no fucking sense, but maybe that's just because I pay attention to what people actually say.

by phenry on Tue Feb 17, 2015 at 10:04:44 AM PST

[ Parent ]
Yup (3+ / 0-)

Recommended by:
xxdr zombiexx, stevemb, happymisanthropy

It is so transparent and pathetic.

by Pablo Bocanegra on Tue Feb 17, 2015 at 01:20:22 PM PST

[ Parent ]

Heh..... (10+ / 0-)

Recommended by:
dconrad, cybrestrike, Johnny Q, DeadHead, k9disc, Pablo Bocanegra, mrkvica, Demeter Rising, JVolvo, happymisanthropy

FBI makes home visits to climate change activists, by Meteor Bladesl last Monday.

You can give a 9 yo Girl an Uzi but you can't make pot brownies for adults.

[41984 | Feb 4, 2005]

by xxdr zombiexx on Tue Feb 17, 2015 at 11:25:05 AM PST

[ Parent ]
The NEA, for starters. n/t (0+ / 0-)

... The Meritocrats!

by happymisanthropy on Tue Feb 17, 2015 at 07:01:14 PM PST

[ Parent ]

People who make nasty comments (2+ / 0-)

Recommended by:
xxdr zombiexx, corvo

to elected officials on Twitter? I'm screwed.

America is a COUNTRY, not a CORPORATION. She doesn't need a CEO. Vote Obama.

by manneckdesign on Tue Feb 17, 2015 at 07:21:02 AM PST

[ Parent ]

I better don't think ... "OTHERS" is everybody /nt (2+ / 0-)

Recommended by:
stevemb, mrkvica

Die Gedanken sind Frei - caucus99percent

by mimi on Tue Feb 17, 2015 at 07:15:33 AM PST

[ Parent ]
Actually, I was thinking "all of us". (4+ / 0-)

Recommended by:
kharma, stevemb, bygorry, dconrad

I see two possible paths:

1) Assuming that this stuff "checks in" upon activation, it would be trivial to build a master list of "all compromised devices" for later use. As persons come under specific suspicion, it would be a question of "hey, are they on the list?"

2) Assuming that it doesn't "check in" unless/until it receives a trigger, then it's just a question of introducing the trigger to persons of specific interest...IF we assume that the device is compromised.

Either way, it makes sense (from their perspective) to compromise as many devices as possible in advance.

The word "parent" is supposed to be a VERB, people... Follow @wesmorgan1

by wesmorgan1 on Tue Feb 17, 2015 at 07:47:29 AM PST

[ Parent ]

Trust them. It's just about "terrorists" (22+ / 0-)

Recommended by:
El Zmuenga, kharma, white blitz, corvo, ChemBob, stevemb, gooderservice, shaharazade, dconrad, CroneWit, cybrestrike, nchristine, Losty, Johnny Q, quill, Mr Robert, quince, Pablo Bocanegra, mrkvica, JVolvo, happymisanthropy, eyo

like BLM, Keystone XL, and Occupy activists.

I was going to write a snarky,"It's all legal. No laws were broken." but you jumped that shark with blue shorts and a leather jacket.

Democracy - 1 person 1 vote. Free Markets - More dollars more power.

by k9disc on Tue Feb 17, 2015 at 06:15:37 AM PST

[ Parent ]

They would have no need (2+ / 0-)

Recommended by:
artmartin, corvo

to infect the firmware of a handful of environmental and political activists. The techniques at the heart of the discussion are ways to remotely infect computers not attached to the grid. Nobody attached to the causes you site are attempting to evade detection or exposure to hacking by maintaining operations they believe to be entirely offline.

Intelligent Designer Laments Lapse in Intelligence

by mrblifil on Tue Feb 17, 2015 at 06:51:21 AM PST

[ Parent ]

No they are not! That is how these worms (9+ / 0-)

Recommended by:
kharma, stevemb, dconrad, CroneWit, cybrestrike, quince, mrkvica, JVolvo, eyo

are put onto an airgapped machine - a secure machine.

The USB stick is only needed for machines that have no connection to a network.

The idea that this stuff can't be dropped onto a machine that is connected to the internet seems more than a bit naive to me.

Democracy - 1 person 1 vote. Free Markets - More dollars more power.

by k9disc on Tue Feb 17, 2015 at 07:00:10 AM PST

[ Parent ]

why is it necessary? (2+ / 0-)

Recommended by:
mrblifil, happymisanthropy

There are easier ways to infect and spy on those systems.

Gondwana has always been at war with Laurasia.

by AaronInSanDiego on Tue Feb 17, 2015 at 07:19:25 AM PST

[ Parent ]

Are there? I bet you it wouldn't be too (0+ / 0-)

hard to attach it to any cookie.

I mean, if it's firmware it's probably a very small payload.

Got this cookie? Get the bug.

Again, I'm not crazy to think this, am I?

Yottabytes.

Democracy - 1 person 1 vote. Free Markets - More dollars more power.

by k9disc on Tue Feb 17, 2015 at 01:10:08 PM PST

[ Parent ]

Um... (1+ / 0-)

Recommended by:
corvo

when did I say anything like that. Or is everything in life a trigger for then opportunity to call someone "naive?"

Reading is fundamental:

The techniques at the heart of the discussion are ways to remotely infect computers not attached to the grid.
"Remotely infect" which means NOT a USB drive, which would be directly infecting not remotely infecting.
But again you seem to be missing the main point of the article. There is a vast effort underway for our government to gain access to the "bare metal" of targeted computers, especially those unconnected from internet communication. The entire point is that stuff CAN be dropped onto a machine that is NOT connected to the internet. Not that stuff CAN'T be dropped onto machines that ARE connected to the internet. So from where I sit you have interpreted the problem to be precisely obverse from reality.

Intelligent Designer Laments Lapse in Intelligence

by mrblifil on Tue Feb 17, 2015 at 07:28:33 AM PST

[ Parent ]
How many environmental activists (3+ / 0-)

Recommended by:
corvo, k9disc, Keninoakland

and political advocacy groups are using airgapped machines? Probably zero. I'm not saying these groups are not being spied on or hacked by traditional methods. But those methods are not the point of the revelations being discussed by the diarist.

Intelligent Designer Laments Lapse in Intelligence

by mrblifil on Tue Feb 17, 2015 at 07:30:43 AM PST

[ Parent ]

I was under the impression that you are looking (8+ / 0-)

Recommended by:
corvo, dconrad, cybrestrike, nchristine, Johnny Q, quince, JVolvo, happymisanthropy

at the delivery mechanism - the usb stick for airgapped machines - as the big part of the story. And I'm sure that's a part of the story that the real tech people are freaked out about - NOTHING is safe!

But the big part of the story, the relevant part of the story, is the undetectable malware that exists in the firmware of most computer hardware.

I'm not missing the point, am I?

The naive comment pertains to the part about missing just how dangerous this is for those of us on the wrong side of the Establishment as well as for critical IT infrastructure.

peace~

Democracy - 1 person 1 vote. Free Markets - More dollars more power.

by k9disc on Tue Feb 17, 2015 at 08:06:35 AM PST

[ Parent ]

"This is bad because..." (55+ / 0-)

Recommended by:
raboof, El Zmuenga, mimi, PeteZerria, ctsteve, kharma, Deward Hastings, mosesfreeman, corvo, basquebob, dewtx, ChemBob, snacksandpop, stevemb, martini, kovie, Medium Head Boy, blueoasis, gooderservice, shaharazade, AllanTBG, terabytes, dconrad, Don midwest, fb, CroneWit, mconvente, JaxDem, Greyhound, MrJayTee, BYw, cybrestrike, nchristine, Losty, Leftcandid, Johnny Q, Teiresias70, randomfacts, SouthernLiberalinMD, quill, Flying Goat, Joieau, 420 forever, Mr Robert, gem56, jbob, eyo, bill dog, Betty Pinson, Pablo Bocanegra, cville townie, Alumbrados, mrkvica, JVolvo, happymisanthropy

1.) ...it documents that the NSA is spying on folks domestically, in terms of hacking their computers (in quite an egregious manner). The support for this aspect of the story is available in the fine print of the first graphic in this diary (see the righthand side), which is displayed in a much clearer format in the Kaspersky Lab report, itself, reproduced at the bottom of the post.

2.) As in so many other instances, the government has been at the forefront of fearmongering when it comes "cyberterrorism," when, in fact, the U.S. gov't may be rightfully characterized as the biggest and most sophisticated cyberterrorist, of all. (In fact, this entire matter is the poster boy/story for everything that's wrong with our military-industrial-surveillance state, and its continuous efforts to stuff its pockets, along with the pockets of its corrupt minions on Capitol Hill.)

3.) Our nation's I.T. sector, which is the ONLY business (private) sector in this country which contributed more to Dems than Republicans in the 2012 cycle, is going to take a big hit--on top of many other big hits that it's taken in the past few years--as a byproduct of this travesty. And, I'm sure many of these companies are clueless about what's going on from the government's point of view. That being said, as BrooklynBadBoy noted in the other post on this story, a few hours ago, it's like the wild west as far as regulating Silicon Valley's concerned; and I totally agree with him in that regard. The ease with which personal data may be hacked in this country is far worse than most of the public realizes.

4.) I own a tiny software company, and one of the first things I tell clients in presentations is: EVERYTHING IS HACKABLE. Truth is, nowadays, when it comes to digital info and related infrastructure, the entire situation is far, far more fragile than most citizens realize.

I could go on...

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 04:45:49 AM PST

[ Parent ]

Bob, (4+ / 0-)

Recommended by:
WI Lurker, mrblifil, artmartin, phenry

1. I don't want to argue this one because I don't think we'd take 'unknown' as a legit source. I oppose spying on US citizens domestically and directly without a warrant, so I also oppose anything in this diary being applied to citizens directly as well.

2. It's literally not terrorism if a state does it; the definition of terrorism includes 'non-state actor.' Do you oppose the use of these programs against nuke proliferation, against ISIS strongholds, etc?

3. You're right; is that fair?

by GoGoGoEverton on Tue Feb 17, 2015 at 05:15:20 AM PST

[ Parent ]

State actors can, in fact, commit terrorism. (23+ / 0-)

Recommended by:
El Zmuenga, kharma, jrooth, corvo, basquebob, stevemb, Medium Head Boy, blueoasis, middleagedhousewife, shaharazade, CroneWit, Greyhound, cybrestrike, Johnny Q, SouthernLiberalinMD, Mr Robert, eyo, Betty Pinson, Pablo Bocanegra, Alumbrados, JVolvo, happymisanthropy, DeadHead

Take your pick of definition:

http://en.wikipedia.org/...
http://www.merriam-webster.com/...
http://dictionary.reference.com/...
http://www.oxforddictionaries.com/...

None exclude state actors.

by Flying Goat on Tue Feb 17, 2015 at 05:38:50 AM PST

[ Parent ]

Ok, my comment was too definitive. (2+ / 0-)

Recommended by:
Flying Goat, phenry

Your first link does say 'by nonstate actors' if you read past the first sentences. But, there appears to remain a large variance in the definition of terrorism (much to everyone's detriment) and so my language use was inappropriate.

by GoGoGoEverton on Tue Feb 17, 2015 at 06:10:05 AM PST

[ Parent ]

Good point (And yea, I was lazy). (3+ / 0-)

Recommended by:
kharma, GoGoGoEverton, stevemb

One of the reference.com definition explicitly includes state actors.

by Flying Goat on Tue Feb 17, 2015 at 06:58:38 AM PST

[ Parent ]
To everyone's detriment indeed. (1+ / 0-)

Recommended by:
GoGoGoEverton

To label state actions "terrorism" is to render the word meaningless. I choose not to play that game.

by phenry on Tue Feb 17, 2015 at 08:58:44 AM PST

[ Parent ]

Keep A Good Grip On Your Wall & Don't Fall nt (2+ / 0-)

Recommended by:
corvo, DeadHead

On the Internet, nobody knows if you're a dog... but everybody knows if you're a jackass.

by stevemb on Tue Feb 17, 2015 at 09:30:42 AM PST

[ Parent ]
The word is already meaningless. (12+ / 0-)

Recommended by:
corvo, poco, blueoasis, cybrestrike, Mr Robert, quince, ZhenRen, Pablo Bocanegra, mrkvica, JVolvo, happymisanthropy, DeadHead

And the exclusion of state actors is one of the several reasons for that.

"With all this manure around, there has to be a pony somewhere!" - Count Piotr Vorkosigan

by jrooth on Tue Feb 17, 2015 at 09:50:15 AM PST

[ Parent ]

You have it exactly backwards. (2+ / 0-)

Recommended by:
GoGoGoEverton, Fogiv

The word is meaningless because the George W. Bush administration repeatedly and maliciously used it to label actions taken by states they didn't like.

by phenry on Tue Feb 17, 2015 at 10:17:29 AM PST

[ Parent ]

Yep, when terrorism just means 'caused fear', (3+ / 0-)

Recommended by:
phenry, Fogiv, mrkvica

it's useless because we already have plenty of words that mean the same thing.

Unless of course, you endorse the 'terrorism-o-meter' a la Bush and Fox News.

by GoGoGoEverton on Tue Feb 17, 2015 at 10:35:21 AM PST

[ Parent ]
Actually the meaning was screwy long before Bush (2+ / 0-)

Recommended by:
mrkvica, happymisanthropy

The notion that the State has authority and legitimacy by virtue of statehood is self-serving to justify violence. Violence by anyone other than a state is thought to be illegal and wrong, while State violence is thought to have a basis in authority.

This is of course the way all imperialist states sanctify themselves and their imperialist violence.

If you took the most ardent revolutionary, vested him in absolute power, within a year he would be worse than the Tsar himself. - Mikhail Bakunin

by ZhenRen on Tue Feb 17, 2015 at 01:12:49 PM PST

[ Parent ]

Why is state sponsored terror of communities (9+ / 0-)

Recommended by:
corvo, poco, middleagedhousewife, cybrestrike, Mr Robert, Pablo Bocanegra, mrkvica, happymisanthropy, Teiresias70

not terrorism?

Do states have an exemption due to a presumption of legitimacy of state authority that other entities presumably lack?

This is like saying torture isn't torture when states do it.

If you took the most ardent revolutionary, vested him in absolute power, within a year he would be worse than the Tsar himself. - Mikhail Bakunin

by ZhenRen on Tue Feb 17, 2015 at 10:29:11 AM PST

[ Parent ]

It's just an act of war at that point. (1+ / 0-)

Recommended by:
Fogiv

Torture is different because definitionally, torture is torture regardless of who does it. If you disagree there's a difference, that's fine, but once everyone is a terrorist, no one is.

by GoGoGoEverton on Tue Feb 17, 2015 at 10:36:47 AM PST

[ Parent ]

Not true (4+ / 0-)

Recommended by:
corvo, poco, cybrestrike, thanatokephaloides

Acts of war when they break international law can be seen as terrorism. What authority controls the definition? Writers of dictionaries? What authority do they have?

If you took the most ardent revolutionary, vested him in absolute power, within a year he would be worse than the Tsar himself. - Mikhail Bakunin

by ZhenRen on Tue Feb 17, 2015 at 10:42:00 AM PST

[ Parent ]
So the bombing of Pan Am 103 (0+ / 0-)

wasn't terrorism? Hezbollah and Hamas aren't terrorist organizations?

... The Meritocrats!

by happymisanthropy on Tue Feb 17, 2015 at 07:06:50 PM PST

[ Parent ]

How convenient (30+ / 0-)

Recommended by:
El Zmuenga, k9disc, kharma, jrooth, corvo, basquebob, stevemb, poco, Medium Head Boy, blueoasis, StrayCat, shaharazade, bobswern, CroneWit, cybrestrike, Johnny Q, ozsea1, SouthernLiberalinMD, Mr Robert, Free Jazz at High Noon, quince, eyo, Betty Pinson, Pablo Bocanegra, Alumbrados, mrkvica, JVolvo, happymisanthropy, DeadHead, truong son traveler

It's literally not terrorism if a state does it
You apparently have not been paying much attention to scholarship on terrorism. The definition you cite as gospel has been contested for over half a century (cf. the writings of Noam Chomsky and Edward S Herman). It is no longer 'radicals' only but mainstream academics who accept state terror as well and properly within the definition of terrorism.

by solublefish on Tue Feb 17, 2015 at 05:41:32 AM PST

[ Parent ]

Wow, that's a truly disgusting statement. (14+ / 0-)

Recommended by:
jrooth, stevemb, blueoasis, linkage, bobswern, cybrestrike, Johnny Q, Free Jazz at High Noon, Pablo Bocanegra, mrkvica, JVolvo, happymisanthropy, DeadHead, solublefish

Kind of like "It's not illegal if the President does it," or "It's not rape if a husband does it."

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Tue Feb 17, 2015 at 07:57:17 AM PST

[ Parent ]

That's not a recognized limitation (13+ / 0-)

Recommended by:
El Zmuenga, kharma, stevemb, shaharazade, CroneWit, cybrestrike, Johnny Q, Mr Robert, Free Jazz at High Noon, quince, Betty Pinson, JVolvo, DeadHead

You just made that up. To do something with the intention of instilling fear that leads to certain behaviors or lack thereof is the definition of terrorism, whether an individual, non-state group or country does it.

Fire-bombing Dresden
Carpet-bombing Vietnam
ISIS beheadings
Soviet/Putin gulags
Boston Marathon
Cop executions
9/11

These were all willful acts of terrorism.

"We have it in our power to begin the world over again." - Thomas Paine, Common Sense, 1776

by kovie on Tue Feb 17, 2015 at 06:19:17 AM PST

[ Parent ]

Settle down. (3+ / 0-)

Recommended by:
artmartin, phenry, Fogiv

Would you like links to the numerous publications on the variances of 'terrorism' definitions? I said above before your snide comment that 'you just made that up' that my statement was in fact too definitive, but a link already posted above recognizes that some definitions have terrorism as non-state in nature.

Your list is comically inclusive; you're listing out what some consider war crimes, but they were acts of war by legitimate states. I don't even consider ISIS beheadings 'terrorism' because they are a de facto state. 'Terrorism' is a meaningless redundancy if 'everything that involves causing a high level fear' is its definition.

by GoGoGoEverton on Tue Feb 17, 2015 at 06:41:18 AM PST

[ Parent ]

There's been reporting... (7+ / 0-)

Recommended by:
kharma, stevemb, cybrestrike, Johnny Q, cville townie, JVolvo, DeadHead

"We have it in our power to begin the world over again." - Thomas Paine, Common Sense, 1776

by kovie on Tue Feb 17, 2015 at 06:44:28 AM PST

[ Parent ]
Also, your viewpoint is quite vile (19+ / 0-)

Recommended by:
El Zmuenga, k9disc, kharma, stevemb, blueoasis, gooderservice, dconrad, CroneWit, cybrestrike, Johnny Q, SouthernLiberalinMD, quince, Betty Pinson, Pablo Bocanegra, cville townie, Alumbrados, JVolvo, DeadHead, truong son traveler

Excusing the deliberate targeting of citizens just because it's wartime and the "good guys" are doing it. A profoundly vile viewpoint.

"We have it in our power to begin the world over again." - Thomas Paine, Common Sense, 1776

by kovie on Tue Feb 17, 2015 at 06:45:40 AM PST

[ Parent ]

Oh come off it; your arm hurt from reaching? (3+ / 0-)

Recommended by:
artmartin, phenry, Fogiv

You wrote:

'Excusing the deliberate targeting of citizens just because it's wartime and the "good guys" are doing it. A profoundly vile viewpoint.'

I wrote: 'you're listing out what some consider war crimes'

Which is about as far from 'excusing' as you can get. If you're not even going to read someone's responses, why do you bother except to pick a fight?

by GoGoGoEverton on Tue Feb 17, 2015 at 06:48:40 AM PST

[ Parent ]

OMG you're absolutely SHAMELESS! (12+ / 0-)

Recommended by:
El Zmuenga, kharma, stevemb, dconrad, CroneWit, cybrestrike, Johnny Q, quince, Pablo Bocanegra, cville townie, JVolvo, DeadHead

You're in fucking Scott Walker/Rick Scott/Chris Christie territory! You deliberately left out the second part of what you LITERALLY just wrote above:

you're listing out what some consider war crimes, but they were acts of war by legitimate states.
"some consider"--meaning not you, because they were "acts of war" by "legitimate states", therefore AOK. Utterly and completely vile.

"We have it in our power to begin the world over again." - Thomas Paine, Common Sense, 1776

by kovie on Tue Feb 17, 2015 at 06:52:35 AM PST

[ Parent ]

'Therefore utterly A-OK'. No, THAT's you being Fox (4+ / 0-)

Recommended by:
artmartin, phenry, Fogiv, Keninoakland

You're writing and implying that, not me. The only person acting like a group who twists words and adds inferences that aren't there is YOU.

The firebombing of Desden happened in World War II.

Carpetbombing in Vietnam during Vietnam War.

Gassing by Germans in World War I.

All acts that today could be considered War Crimes...all done by recognized states (legitimate).

by GoGoGoEverton on Tue Feb 17, 2015 at 06:57:16 AM PST

[ Parent ]

Vietnam was the very definition of terrorism. (11+ / 0-)

Recommended by:
kharma, corvo, stevemb, CroneWit, cybrestrike, Johnny Q, cville townie, JVolvo, DeadHead, truong son traveler, Don midwest

I mean the essence - like bodily fluids.

Kill 4M civilians to not let them go commie. Win hearts and minds with napalm and scorched earth.

And Vietnam was not a war. It was a conflict.

Democracy - 1 person 1 vote. Free Markets - More dollars more power.

by k9disc on Tue Feb 17, 2015 at 07:05:52 AM PST

[ Parent ]
The Atomic Bomb was terrorism too. (10+ / 0-)

Recommended by:
kharma, corvo, CroneWit, cybrestrike, Johnny Q, cville townie, JVolvo, DeadHead, truong son traveler, Don midwest

Scare the shit out of them by killing tens of thousands of civilians.

War is targeted killing of military targets, terrorism is the targeted killing of civilians.

Democracy - 1 person 1 vote. Free Markets - More dollars more power.

by k9disc on Tue Feb 17, 2015 at 07:08:52 AM PST

[ Parent ]
Knock it off with the fucking trolling, troll. ... (3+ / 1-)

Recommended by:
Brecht, Pablo Bocanegra, cville townie

Hidden by:
phenry

Knock it off with the fucking trolling, troll.
Yeah, I said it and I stand by it.

by Occulus on Tue Feb 17, 2015 at 10:30:44 AM PST

[ Parent ]

Hey, I got put into the hiddens the other day (2+ / 0-)

Recommended by:
phenry, Fogiv

just for saying someone else 'would know about trolling.' You're in the right diary to possibly be safe from that though, internet tough guy.

by GoGoGoEverton on Tue Feb 17, 2015 at 10:33:54 AM PST

[ Parent ]

Don't worry, phenry is here to HR that comment… (5+ / 0-)

Recommended by:
Brecht, Pablo Bocanegra, cville townie, kharma, Don midwest

…insulting you, in return for your HRing stevemb for insulting him.

You guys make a great team.

Somebody has to do something, and it's just incredibly pathetic that it has to be us. ~ Garcia

by DeadHead on Tue Feb 17, 2015 at 10:53:16 AM PST

[ Parent ]

You're welcome to uprate it. (0+ / 0-)

But you won't.

by GoGoGoEverton on Tue Feb 17, 2015 at 12:09:15 PM PST

[ Parent ]
You're right. (4+ / 0-)

Recommended by:
GoGoGoEverton, Johnny Q, kharma, Don midwest

I won't.

This offers two benefits:

1) I avoid getting NR'd.
2) I get to call others out for their shitty uprates without being a hypocrite.

Somebody has to do something, and it's just incredibly pathetic that it has to be us. ~ Garcia

by DeadHead on Tue Feb 17, 2015 at 12:44:23 PM PST

[ Parent ]
I cannot believe you posted that. (2+ / 0-)

Recommended by:
phenry, Fogiv

You've given up your whole game. Kudos.

by GoGoGoEverton on Tue Feb 17, 2015 at 01:04:46 PM PST

[ Parent ]
Yes, totally. (2+ / 0-)

Recommended by:
kharma, Don midwest

By refusing to break the "don't uprate insults" rule so that I don't get sanctioned like you did, along with pointing it out when others break that rule, I've exposed myself as...someone who tries to be consistent and doesn't think people should uprate shitty comments.

That you seem to think those are bad things says more about you than it does about me.

Somebody has to do something, and it's just incredibly pathetic that it has to be us. ~ Garcia

by DeadHead on Tue Feb 17, 2015 at 03:51:59 PM PST

[ Parent ]
Then why take exception to phenry's HR (0+ / 0-)

if you recognize it as a 'shitty comment'?

by GoGoGoEverton on Tue Feb 17, 2015 at 04:06:23 PM PST

[ Parent ]
I didn't. (2+ / 0-)

Recommended by:
Don midwest, kharma

I was trying to comfort and reassure you.

And give you the recognition you both deserve—being a "team player" is an admirable personality trait.

Somebody has to do something, and it's just incredibly pathetic that it has to be us. ~ Garcia

by DeadHead on Tue Feb 17, 2015 at 05:52:10 PM PST

[ Parent ]
1.5 hrs for that reply? (0+ / 0-)

Slipping up there, Deadhead. I'll go back to ignoring you now and you can practice with your regulars now.

by GoGoGoEverton on Tue Feb 17, 2015 at 07:24:02 PM PST

[ Parent ]
My loss. (2+ / 0-)

Recommended by:
Don midwest, kharma

:•(

Somebody has to do something, and it's just incredibly pathetic that it has to be us. ~ Garcia

by DeadHead on Tue Feb 17, 2015 at 08:17:08 PM PST

[ Parent ]

You've been threadjacking with the whole "What ... (1+ / 0-)

Recommended by:
kharma

You've been threadjacking with the whole "What defines terrorism" nit you've been picking at (so has phenry; yeah, I'm including THAT one in my comment here too) AND THAT IS A FORM OF TROLLING. I'd donut you BOTH for it right now if I weren't on mobile.
Stop it.

by Occulus on Tue Feb 17, 2015 at 12:35:49 PM PST

[ Parent ]

Now you're just making shit up. (2+ / 0-)

Recommended by:
Fogiv, Keninoakland

GoGoGoEverton said nothing about war crimes being "AOK," and no reasonable person could read that into what they wrote.

Please don't make stuff up.

by phenry on Tue Feb 17, 2015 at 08:46:35 AM PST

[ Parent ]

He said they weren't war crimes, but war ACTS (6+ / 0-)

Recommended by:
cybrestrike, Johnny Q, quince, Pablo Bocanegra, JVolvo, Don midwest

He was CLEARLY justifying them.

"We have it in our power to begin the world over again." - Thomas Paine, Common Sense, 1776

by kovie on Tue Feb 17, 2015 at 09:01:31 AM PST

[ Parent ]

A war crime is an act of war, by definition. (2+ / 0-)

Recommended by:
Fogiv, Keninoakland

I mean, I could draw the Euler diagram for you if you want, but I really shouldn't have to. The class of acts called war crimes are a subset of the class called acts of war. That's pretty elementary. I don't see how that implies justification of war crimes, and I really don't see how anyone would assume that it does.

by phenry on Tue Feb 17, 2015 at 09:07:17 AM PST

[ Parent ]

All actions commited during war (2+ / 0-)

Recommended by:
Johnny Q, Don midwest

are "war acts", but not all are war CRIMES. Bombing the military bases of a country that just attacked you is a war act but not war crime. When you call something a war act but not crime you imply that it's not a war crime.

Who's the one having basic logic issues here?

"We have it in our power to begin the world over again." - Thomas Paine, Common Sense, 1776

by kovie on Tue Feb 17, 2015 at 10:16:12 AM PST

[ Parent ]

You are (1+ / 0-)

Recommended by:
Fogiv

because you don't seem to understand that the implications you're drawing are unwarranted, bear no relation to anything anyone here has said, and make no fucking sense.

But hey, whatever it takes as long as you get to characterize people as inhuman monsters for disagreeing with you, right?

by phenry on Tue Feb 17, 2015 at 10:28:40 AM PST

[ Parent ]

I did not say they weren't war crimes. Quote it (0+ / 0-)

if you disagree.

by GoGoGoEverton on Tue Feb 17, 2015 at 12:10:23 PM PST

[ Parent ]

"Utterly and completely vile." (0+ / 0-)

Sums the apologists up.

by Pablo Bocanegra on Tue Feb 17, 2015 at 01:22:22 PM PST

[ Parent ]

Keep uprating insults Pablo. (0+ / 0-)

We can smell the underside of your bridge from here.

by GoGoGoEverton on Tue Feb 17, 2015 at 01:38:19 PM PST

[ Parent ]

Well, good. (1+ / 0-)

Recommended by:
Don midwest

We can smell the underside of your bridge from here.
I guess that means you're no better than the person who called you a troll, above.
You know, the comment you're whining about Pablo uprating.

Then again, that's been pretty obvious for awhile now, you're just better at avoiding the hiddens for it, with exceptions of course.

Calling people "trolls" outright, over at the helpdesk, like you did to me earlier, is much safer.

Somebody has to do something, and it's just incredibly pathetic that it has to be us. ~ Garcia

by DeadHead on Wed Feb 18, 2015 at 12:04:12 AM PST

[ Parent ]

What makes a state (13+ / 0-)

Recommended by:
corvo, stevemb, blueoasis, cybrestrike, Johnny Q, quince, Pablo Bocanegra, protectspice, JVolvo, happymisanthropy, truong son traveler, Teiresias70, Don midwest

legitimate if they use terrorism as a means to their nasty ass ends. Rogue nation states? Axis of evil? What makes the 'terror' inflicted on people legitimate? A de facto state my ass. The US has created the terrorists by it's own terror which they legitimatize with an absurd double speak loop. Then they catapult the fear propaganda and call it the GWOT. Acts of war against who and for what? The multinational thugs interests which have nothing to do any nations sovereignty.

High levels of fear is the MO of the US both domestically and globally. Perpetual global war waged against humans economically and militarily by the US enforcers is nothing but terrorism. Terror is not a function of a legitimate state. AUFM's cannot legitimatize the acts of terror committed by our endless dark spook agencies. From the der Homeland Security,the NSA to the CIA.

All the bloody spooks in cyberspace and real space are nothing but terrorist's. Definitions of terrorism or nit picking about who's a legitimate terrorist is impossible when a nation state declares the world as the battle ground and considers all humans as potential terrorists and 'enemies of the state'.

It seems to me that the sovereignty of nation states are no longer in our national interest. Can't have extremist insurgencies that threaten the interests of the real terrorists. As a profitable bonus the military and spooks create a endless supply of 'terrist's who are gonna kill yer family'.

by shaharazade on Tue Feb 17, 2015 at 08:08:44 AM PST

[ Parent ]

Recognition by the UN. (2+ / 0-)

Recommended by:
phenry, Fogiv

or general recognizance by most world states, is what makes them legitimate.

You guys should just come out and call the U.S. a terrorist state, and then every military action we take part in will be an act of terror, and you won't have to argue about it anymore because people will just decide whether or not they accept your premise.

by GoGoGoEverton on Tue Feb 17, 2015 at 08:35:23 AM PST

[ Parent ]

Not just every military action. (2+ / 0-)

Recommended by:
GoGoGoEverton, Fogiv

Every action, period. The terrorist state collect terrorist taxes to build terrorist roads so the terrorist mail, including terrorist Social Security checks, can be delivered. And so on.

Life is so awesome when you can just change what words mean.

by phenry on Tue Feb 17, 2015 at 09:02:48 AM PST

[ Parent ]

No, this is simply the way (6+ / 0-)

Recommended by:
corvo, Unduna, cybrestrike, shaharazade, happymisanthropy, truong son traveler

authoritarians justify violence. Its the assumption that the acts of a state have more legitimacy than the acts of other forms of groups, because a state is presumably acting with authority which the non-state group lacks.

All of which is hogwash. States assign to themselves legitimacy, but this is self-justifying.

If you took the most ardent revolutionary, vested him in absolute power, within a year he would be worse than the Tsar himself. - Mikhail Bakunin

by ZhenRen on Tue Feb 17, 2015 at 10:39:32 AM PST

[ Parent ]
Really lame (2+ / 0-)

Recommended by:
Johnny Q, Don midwest

phenery. Every government action is not terrorist.I never said that and you damn well know this. How ever the dark security, military and spook, state within our government is just out of hand both here in der Homeland and globally. Terrorism abounds from all the enforcers of 'security'.

Also btw the postal service is being dismantled by-partisanly by the free market economic terrorist's who don't want any public actions interfering in their privatized profits. Chase for instance is responsible for your SS checks and any other 'doles' you get from the Feds.

Terror is not just focused on the extremists in the ME it's the way forward and anyone anywhere can be targeted as extremist if they rock the boat. you know mythical privatized boat that will raise the workers globally. The cops? and all the security agencies domestic certainly seem to be ready and willing to terrorize any insurrection here in the heartland/homeland.

by shaharazade on Tue Feb 17, 2015 at 05:47:13 PM PST

[ Parent ]

I just did call (5+ / 0-)

Recommended by:
corvo, cybrestrike, Johnny Q, truong son traveler, Don midwest

the US a terrorist state. People may or may not accept my premise depending on the level of their delusion or fear. The US is exceptional and must wage endless global war to stop extremism globally or for humanitarian intervention, and our security is unbelievable. As Mohamed Ali once said when he refused to fight in a proxy illegitimate war. 'I ain't got nothing against the Veit Cong'.

What have you got against the people that live in the places globally we deem extremist and invade, terrorize, bomb imprison and destroy? War cyber or real, covert or overt, against a nebulous ever morphing global enemy are not the acts of a legitimate nation state. Our military actions these days doesn't recognize any sovereignty. We have always been at war with.......

by shaharazade on Tue Feb 17, 2015 at 09:17:47 AM PST

[ Parent ]
Terrorism isn't just subversion. It's overt (1+ / 0-)

Recommended by:
shaharazade

manipulation of a populace by fear. If that means all war is terrorism, then so be it. If that means that the word becomes so unwieldy that it's rendered useless, then so be it.

Word definitions can't be cordoned off by geo-political mandates. Words are living things. It matters not who does it or how many are involved or who is invested or named this that or the other by the UN, "terrorism" is alive in comprehensive form and a word that applies without prejudice.

"In all chaos there is a cosmos, in all disorder, a secret order." Carl Jung

by Unduna on Tue Feb 17, 2015 at 10:51:09 AM PST

[ Parent ]

I'm pretty sure that my toilet paper (2+ / 0-)

Recommended by:
kharma, happymisanthropy

hasn't been hacked (and good luck to the NSA if it has--drug "sniffing" TP with stealth wireless upload capabilities, perhaps?). Other than that, though...

"We have it in our power to begin the world over again." - Thomas Paine, Common Sense, 1776

by kovie on Tue Feb 17, 2015 at 06:14:27 AM PST

[ Parent ]
heh (10+ / 0-)

Recommended by:
kharma, corvo, CroneWit, cybrestrike, Johnny Q, quill, eyo, JVolvo, happymisanthropy, truong son traveler

1. What part of Global don't you understand?
2. What part of "Full Spectrum Dominance don't you understand.
3. Trust the State. They only go after "Bad Guys".

Democracy - 1 person 1 vote. Free Markets - More dollars more power.

by k9disc on Tue Feb 17, 2015 at 06:17:50 AM PST

[ Parent ]
Thank you for your courage to post this diary/nt (4+ / 0-)

Recommended by:
eyo, CroneWit, bobswern, happymisanthropy

Die Gedanken sind Frei - caucus99percent

by mimi on Tue Feb 17, 2015 at 07:18:27 AM PST

[ Parent ]

domestic use (0+ / 0-)

* some phone metadata collection that was already known (and, to be fair, is worth ongoing debate)

* some LOVEINT bad apples (every entity has a few bad apples)

* some Muslim-Americans who may or may not have had extremist ties -- in fact, the fearmongers didn't bother providing any real details

* some unavoidable "incidental collection" as one would expect with any intelligence/law-enforcement operation.

So, yeah, color me unimpressed. Pretty much all we've seen for going-on-two-years is legitimate foreign-intelligence gathering. Now, aside from conflating domestic and foreign, Greenwald and his ilk have also erected something of a straw man: that the NSA's mission is solely hunting terrorists. No government's SIGINT focuses only on hunting terrorists -- economic and diplomatic espionage are all fair game.

by Sucker Politics on Tue Feb 17, 2015 at 10:12:04 PM PST

[ Parent ]

The Difference Between Honest And Corrupt Entities (0+ / 0-)

every entity has a few bad apples
Honest entities see to it that the bad apples are meaningfully punished (i.e. drummed out an prosecuted to the full extent of the law).
Corrupt entities sweep the bad apples under the rug (i.e. apply trivial administrative sanctions while keeping the bad apples employed and shielded from the law).

The NSA is an example of the latter. You can admit that, or you can cite some examples of LOVEINT stalking prosecutions. Good luck on the latter, because damned if I can find any.

On the Internet, nobody knows if you're a dog... but everybody knows if you're a jackass.

by stevemb on Thu Feb 19, 2015 at 05:39:22 PM PST

[ Parent ]

Corporate coup d'etat & Security state coup (36+ / 0-)

Recommended by:
roonie, k9disc, kharma, Hillbilly Dem, xxdr zombiexx, corvo, dewtx, ChemBob, stevemb, Tool, martini, Medium Head Boy, blueoasis, StrayCat, gooderservice, AllanTBG, dclawyer06, dconrad, bobswern, CroneWit, JaxDem, Greyhound, cybrestrike, nchristine, Johnny Q, DRo, gem56, quince, eyo, Fishtroller01, TheRickles, protectspice, Alumbrados, JVolvo, happymisanthropy, truong son traveler

Chris Hedges has for a couple of years pointed out that there has been a corporate coup d'etat

Now we know how it can be maintained. Spy on everyone. No one can get away with it.

How to explain that the CIA has been able to block any accountability for torture which violates international law?

How to explain that banksters, like HBSC, are criminal organizations who launder money for drug lords and get off with a fine?

How to explain that energy extraction companies continue, but with some set backs, to hack the planet?

How to explain a media that within the main stream media had zero coverage of TPP which goes so far as to give up sovereignty?

by Don midwest on Tue Feb 17, 2015 at 04:45:00 AM PST

This is the thing. (12+ / 0-)

Recommended by:
corvo, Simplify, stevemb, bobswern, cybrestrike, nchristine, Losty, annominous, protectspice, JVolvo, Teiresias70, Don midwest

And nobody wants to even think about it. Every time this story (or the other related revelations regarding our overlord's abuse) has been released in the past, it got this same reception.

No it's not true, you're all crazy conspirators!
So maybe it is true, but it's not as bad as it sounds and they're only using it on bad guys.
OK, so they are using it on us and it is as bad as they said, but everybody does it and it doesn't matter anyway because they have a tough job in a dangerous world and, Yay Team!

We were warned, we're still being warned, but most are so invested in the status quo that they willingly sacrifice us all to maintain their illusion of freedom.

"Those who can make you believe absurdities can make you commit atrocities." - Voltaire

by Greyhound on Tue Feb 17, 2015 at 09:14:45 AM PST

[ Parent ]

Heh. (26+ / 0-)

Recommended by:
kharma, white blitz, dewtx, reflectionsv37, stevemb, martini, blueoasis, shrike, gooderservice, NearlyNormal, shaharazade, dclawyer06, bobswern, Don midwest, CroneWit, cybrestrike, nchristine, samanthab, Johnny Q, gem56, eyo, tampaedski, bill dog, Alumbrados, JVolvo, happymisanthropy

We can simply make wild assumptions now and the realities are far beyond this.

I remember my first psychology internship, dealing with people who had paranoid schizophrenia.

A couple of them were certain the 'government' had 'little cameras everywhere' looking at them.

In 1980 I am certain that as just their illness.

Now? Hey, buddy: they spy on all of us.

You can give a 9 yo Girl an Uzi but you can't make pot brownies for adults.

[41984 | Feb 4, 2005]

by xxdr zombiexx on Tue Feb 17, 2015 at 04:49:35 AM PST

In general, the wall between (12+ / 0-)

Recommended by:
Don midwest, StrayCat, eyo, nchristine, white blitz, shaharazade, stevemb, Losty, blueoasis, Johnny Q, JVolvo, happymisanthropy

the mentally ill and the "sane" is not as solid as most people think. Even the most out there delusions, in my experience, have a grain of truth to them. And the delusions of the "sane" people - this spying stuff won't affect me, just the people that "deserve" it? those don't strike me as all that rational.

by samanthab on Tue Feb 17, 2015 at 05:31:24 AM PST

[ Parent ]

I always think of Hemingway. Shot himself to av... (17+ / 0-)

Recommended by:
ozsea1, PeteZerria, eyo, nchristine, Teiresias70, white blitz, shaharazade, kharma, xxdr zombiexx, stevemb, Losty, blueoasis, Johnny Q, Simplify, protectspice, JVolvo, happymisanthropy

I always think of Hemingway.
Shot himself to avoid more electroshock therapy for his paranoia. Paranoia that the FBI was watching his every move. Which they totally were.

by Geiiga on Tue Feb 17, 2015 at 05:38:50 AM PST

[ Parent ]

not paranoia if they really are out to get ya nt (10+ / 0-)

Recommended by:
eyo, corvo, kharma, bill dog, Demeter Rising, xxdr zombiexx, stevemb, blueoasis, dconrad, JVolvo

Democracy - 1 person 1 vote. Free Markets - More dollars more power.

by k9disc on Tue Feb 17, 2015 at 07:09:59 AM PST

[ Parent ]

And.... (5+ / 0-)

Recommended by:
nchristine, stevemb, blueoasis, Simplify, k9disc

Even if they aren't out to get you, that doesn't mean they won't screw up and get you anyway.

You can give a 9 yo Girl an Uzi but you can't make pot brownies for adults.

[41984 | Feb 4, 2005]

by xxdr zombiexx on Tue Feb 17, 2015 at 09:24:38 AM PST

[ Parent ]

None of this spying - none of it - has ever (30+ / 0-)

Recommended by:
kharma, Hillbilly Dem, ChemBob, stevemb, martini, Medium Head Boy, blueoasis, StrayCat, shaharazade, AllanTBG, dclawyer06, bobswern, Don midwest, CroneWit, mconvente, rodentrancher, cybrestrike, nchristine, mkor7, Losty, samanthab, Johnny Q, Mr Robert, gem56, Demeter Rising, Pablo Bocanegra, Alumbrados, JVolvo, happymisanthropy, Situational Lefty

'helped people'. They could not even keep up with the half-assed Tsnarev brothers. Misspell their name and they are invisible but, hey, YOUR and MY hard drives, with all their useless information on them - that they can keep track of.

Pissants.

You can give a 9 yo Girl an Uzi but you can't make pot brownies for adults.

[41984 | Feb 4, 2005]

by xxdr zombiexx on Tue Feb 17, 2015 at 04:51:40 AM PST

I'm not going to go that far (4+ / 0-)

Recommended by:
nchristine, kharma, CroneWit, dconrad

It's quite possible that some of this has helped foil plots. I'm guessing that it has. But that doesn't change the fact that it's immoral, illegal, and a massive waste of resources that could be better used elsewhere, to do this on a mass and indiscriminate scale, if that is in fact what's been going on.

"We have it in our power to begin the world over again." - Thomas Paine, Common Sense, 1776

by kovie on Tue Feb 17, 2015 at 06:12:22 AM PST

[ Parent ]

It's More Likely To Have Foiled Counterterrorism (4+ / 0-)

Recommended by:
nchristine, corvo, dconrad, happymisanthropy

The Feds got a specific warning about the Tsarnaev brothers, but the signal got lost in the avalanche of noise they insist on scooping up.

On the Internet, nobody knows if you're a dog... but everybody knows if you're a jackass.

by stevemb on Tue Feb 17, 2015 at 09:34:46 AM PST

[ Parent ]

The fact that it didn't stop that attack (1+ / 0-)

Recommended by:
middleagedhousewife

doesn't prove that it didn't stop others, or even that it couldn't and wouldn't have stopped it had authorities used the intel it may have provided properly, just the way that 9/11 may have been prevented had they acted upon the intel they had at the time. A failure to stop an attack doesn't prove an inability to be able to stop it, or that the intel that could have stopped it was poor.

In any case, my point was that intel isn't necessarily useless, if meaningfully targeted and used properly, but that doesn't allow or necessitate broad and unlimited spying of the sort we fear is going on here.

"We have it in our power to begin the world over again." - Thomas Paine, Common Sense, 1776

by kovie on Tue Feb 17, 2015 at 10:21:14 AM PST

[ Parent ]

My thought exactly. (0+ / 0-)

Collecting the data isn't worth anything (except to intimidate people) unless you devote enough resources, including smart people, to combing through it and analyzing patterns and actually adding things up. Before 9/11, the CIA or NSA knew that al Qaeda was chattering about using commercial airplanes as bombs. But no one thought to link that up with foreign nationals taking flying lessons and not being at all interested in learning how to land the plane. And no one linked both of those up with actually flagging people as they entered the country or got on an airplane.

Same with Tsarnaevs -- they let a warning lapse after a year, so when he came back from Chechnya, no alarm went off.

I guess I'm just as glad they don't have millions of people connecting up all those dots. But without it, the data is only (maybe) useful in hindsight, which is not what they tell us to justify it.

by rugbymom on Tue Feb 17, 2015 at 11:48:43 AM PST

[ Parent ]

I'm just going to park this here.... (35+ / 0-)

Recommended by:
Shockwave, k9disc, kharma, Hillbilly Dem, dewtx, ChemBob, stevemb, martini, kovie, blueoasis, StrayCat, shaharazade, AllanTBG, dclawyer06, dconrad, bobswern, Don midwest, CroneWit, mconvente, triplepoint, BYw, rodentrancher, cybrestrike, nchristine, mkor7, samanthab, Johnny Q, Teiresias70, Miggles, Mr Robert, eyo, Fishtroller01, Alumbrados, happymisanthropy, Situational Lefty

seems appropriate.

You can give a 9 yo Girl an Uzi but you can't make pot brownies for adults.

[41984 | Feb 4, 2005]

by xxdr zombiexx on Tue Feb 17, 2015 at 04:53:32 AM PST
Wonder if we're spying on the Greek gov't? (24+ / 0-)

Recommended by:
kharma, Hillbilly Dem, xxdr zombiexx, corvo, dewtx, stevemb, Tool, martini, blueoasis, StrayCat, gooderservice, shaharazade, bobswern, Don midwest, rodentrancher, cybrestrike, mkor7, samanthab, Johnny Q, Mr Robert, bill dog, cville townie, Alumbrados, happymisanthropy

For Al Quaeda affiliates, etc.
Because, terrorism.

;-)

shake well

by dclawyer06 on Tue Feb 17, 2015 at 04:55:35 AM PST

Given that the Greeks are rallying to oppose (24+ / 0-)

Recommended by:
mollyd, PeteZerria, kharma, Deward Hastings, dewtx, stevemb, martini, blueoasis, StrayCat, Don midwest, rodentrancher, cybrestrike, mkor7, Losty, samanthab, Johnny Q, Teiresias70, a2nite, Mr Robert, bill dog, Pablo Bocanegra, cville townie, Alumbrados, happymisanthropy

austerity, YES they are being spied upon because the majority of humans are to be cast into poverty and sectioned off from the rest of the world that is increasingly owned by the super-wealthy.

We are all to be fucked hard and anything we can do to organize and resist must be smashed.

You can give a 9 yo Girl an Uzi but you can't make pot brownies for adults.

[41984 | Feb 4, 2005]

by xxdr zombiexx on Tue Feb 17, 2015 at 05:02:30 AM PST

[ Parent ]

You mean, (15+ / 0-)

Recommended by:
PeteZerria, kharma, xxdr zombiexx, corvo, stevemb, martini, StrayCat, Don midwest, cybrestrike, Losty, Johnny Q, ozsea1, Mr Robert, bill dog, cville townie

we'd spy on Yanis Varoufakis and Alexis Tsipras(for dirt, and to monitor their internal discussions on negotiations, a possible Grexit, etc.) and then give that info to the Germans?

Or EU bankers?

Harrumph!

shake well

by dclawyer06 on Tue Feb 17, 2015 at 05:06:18 AM PST

[ Parent ]

Whatever fucks the People, Make It So. (13+ / 0-)

Recommended by:
PeteZerria, kharma, stevemb, martini, StrayCat, dclawyer06, cybrestrike, Johnny Q, ozsea1, a2nite, Mr Robert, cville townie, happymisanthropy

Sincerely,

The Rich.

You can give a 9 yo Girl an Uzi but you can't make pot brownies for adults.

[41984 | Feb 4, 2005]

by xxdr zombiexx on Tue Feb 17, 2015 at 05:42:43 AM PST

[ Parent ]

As I've stated this line before... (25+ / 1-)

Recommended by:
kharma, corvo, stevemb, martini, Medium Head Boy, blueoasis, StrayCat, gooderservice, shaharazade, AllanTBG, dclawyer06, Don midwest, rodentrancher, cybrestrike, Johnny Q, Joieau, a2nite, Mr Robert, Free Jazz at High Noon, eyo, Fishtroller01, bill dog, Pablo Bocanegra, cville townie, happymisanthropy

Hidden by:
ozsea1

...it's kinda like a dog why they lick their genitals. The answer's automatically, "Yes. The U.S. gov't is spying on the Greek gov't."

Why?

Because they can!

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 05:12:48 AM PST

[ Parent ]
Hey those Greeks (8+ / 0-)

Recommended by:
corvo, stevemb, cybrestrike, Johnny Q, Mr Robert, dclawyer06, Pablo Bocanegra, happymisanthropy

are a real threat to the Davos crowd. Goldman Sachs, the world Bank, the EU and the global bankster's of austerity do not abide insurgents. Democracy and economic justice are against their interests. We will all go over those cliffs of fiscal mass deception if the extremist far lefties or the impoverished people decide that they are not going to take this shit anymore and use democracy to pry off the giant vampire squid.

by shaharazade on Tue Feb 17, 2015 at 08:19:09 AM PST

[ Parent ]

EMC is the largest disk drive manufacturer (4+ / 0-)

Recommended by:
eyo, martini, highacidity, stevemb

this list represents companies that produce almost all of the hard drives in the world:
Maxtor
Seagate
Western Digital
Samsung
Toshiba
Hitachi
Micron

Not a big mistake though.
http://www.emc.com/...

"The American free market system is the greatest engine for prosperity and opportunity that the world has ever seen." - Barack Obama

by shrike on Tue Feb 17, 2015 at 05:06:41 AM PST

That company is not even on the list of any of ... (7+ / 0-)

Recommended by:
kharma, Medium Head Boy, blueoasis, Don midwest, cybrestrike, Free Jazz at High Noon, Pablo Bocanegra

That company is not even on the list of any of the Google searches I find for "biggest hard drive manufacturers", "biggest hard drive company", "hard disk manufacturers company list", and so on.
You are clearly completely wrong.

by Occulus on Tue Feb 17, 2015 at 06:26:53 AM PST

[ Parent ]

Agreed. Need some source for shrike's comment (3+ / 0-)

Recommended by:
kharma, blueoasis, cybrestrike

Here's amazon's list of hard drive manufacturers: http://www.amazon.com/...

So this EMC is the largest? But you can't even buy them on Amazon?

by Medium Head Boy on Tue Feb 17, 2015 at 07:33:32 AM PST

[ Parent ]

They are not consumer-facing. (3+ / 0-)

Recommended by:
stevemb, shrike, FG

Their market would not be shopping on amazon, heh. Think big...

Misled Into War: A Timeline/DowningStreetMemo.com

by highacidity on Tue Feb 17, 2015 at 09:34:25 AM PST

[ Parent ]

"Take advantage of all of them." (1+ / 0-)

Recommended by:
corvo

The Federation of companies brings together EMC, Pivotal, RSA and VMware, strategically aligned around you. The benefit is total choice, openness, and the freedom to get exactly what you need. There’s an emerging world of big data, mobile, cloud, and social, with huge opportunities. Take advantage of all of them.
Investor Relations
Cloud transforms IT
blablabla [...] Phase I focuses on the storage/analytics infrastructure. Phase II involves the people and processes for analyzing and interpreting data sets. Phase III focuses on becoming a predictive ~~enterprise~~ spy network—the technology and the people that make big data a part of the way you do ~~business~~ government.

Hah, just having fun with the $CORPORATE concern. :D
Peace

by eyo on Tue Feb 17, 2015 at 07:51:11 AM PST

[ Parent ]

EMC Collaboration with NSA - wiki repeats (6+ / 0-)

Recommended by:
corvo, stevemb, blueoasis, linkage, cybrestrike, happymisanthropy

Collaboration with NSA

RSA Security, the security division of EMC, has received widespread criticism for accepting $10 million in a secret deal with NSA to make Dual_EC_DRBG the default cryptographically secure pseudorandom number generator in its prominent BSAFE cryptography library, and continuing to use it until 2013.
Though not confirmed in absolute terms, since 2007 Dual_EC_DRBG 2007 has been suspected to contain a backdoor from NSA, with almost-confirmation coming in a 2013 New York Times article following the Snowden leak.
[,,,]
Though Dual_EC_DRBG was highly suspect after 2007, its usage in BSAFE was not widely known until the 2013 New York Times article brought back focus to Dual_EC_DRBG.

At the 2014 RSA Conference, RSA Security Executive Chairman Art Coviello defended RSA Security's choice to keep using Dual_EC_DRBG by saying "it became possible that concerns raised in 2007 might have merit" only after the National Institute of Standards and Technology acknowledged the problems in 2013.

by eyo on Tue Feb 17, 2015 at 08:28:31 AM PST

[ Parent ]

EMC is not a drive manufacturer (3+ / 0-)

Recommended by:
phenry, corvo, cybrestrike

and never has been.

They buy their drives from real drive manufacturers and assemble them into "storage solutions".

by greblos on Tue Feb 17, 2015 at 10:23:16 AM PST

[ Parent ]

Also.... (6+ / 0-)

Recommended by:
phenry, corvo, Simplify, cybrestrike, nchristine, Mr Robert

There are really only about 2.5 drive manufacturers today. Seagate & Western Digital own pretty much all of the market between them - that's what happened when Seagate bought Samsung's drive division, and WD bought Hitachi's.

Toshiba exists as a disc drive pretty much only because China insisted that a third source exist for drives and is getting support from the final agreements that allowed the above mergers.

Maxtor merged with Seagate nearly a decade ago.

Micron's a SSD company, not a disc drive company. It might have had firmware infected, however (SSD's look like disc drives to the operating system, they're "storage", so the vector might be the same).

by greblos on Tue Feb 17, 2015 at 10:31:21 AM PST

[ Parent ]
State of the disc drive industry today (4+ / 0-)

Recommended by:
phenry, corvo, cybrestrike, happymisanthropy

There are only 3. It'll be unlikely to merge further due to antitrust interests in both China and USA.

https://en.wikipedia.org/...

by greblos on Tue Feb 17, 2015 at 10:37:03 AM PST

[ Parent ]
EMC makes large enterprise disk drive systems. (0+ / 0-)

Big iron. They don't show up on the PC only disk drive list.

At $25 billion in revenue they are easily bigger than Seagate or Western Digital - both around $15 billion.

They make the entire system. Of course they source some components like chips.

Nice try though.

"The American free market system is the greatest engine for prosperity and opportunity that the world has ever seen." - Barack Obama

by shrike on Tue Feb 17, 2015 at 01:52:47 PM PST

[ Parent ]

Your facts are wrong (3+ / 0-)

Recommended by:
bobswern, happymisanthropy, cybrestrike

Every single disc drive in their systems is sourced from one of the disc drive manufacturers (which are currently down to 2 independent, one captive).

They're a customer to the disc drive companies, they are not a manufacturer of disc drives.

I could say how I know this but that violates terms of my job. Instead just follow the wikipedia link for the actual disc drive manufacturers that have existed from the time the technology was invented in the late 70s to present. All of the dead companies are there, plus the three live ones.

You will not find EMC on that list. That is because it treats disc drive manufacturers as a component of their supply chain. Saying EMC is a disc drive manufacturer is no more accurate than saying Apple is a disc drive manufacturer (in 2015 - they tried--briefly). Both buy the disc drives and incorporate them into value-add products. One's sells storage arrays, the other sells PC's/laptops. Neither make drives (and both show up on customer lists for the three real disc drive companies)

by greblos on Tue Feb 17, 2015 at 02:10:26 PM PST

[ Parent ]

I had a large, very well-known cd-rom drive... (3+ / 0-)

Recommended by:
greblos, happymisanthropy, cybrestrike

...manufacturer as a direct (tech and p.r.) client in the mid-90's. Most folks back then, as is the case with so many other goods sold in this country these days, didn't realize that they (the client), in fact, manufactured half of the cd-rom drives purchased in this country, under something like 14 different brands. And, that's the way these supply chains work, nowadays, in many sub-sectors of consumer goods.

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 02:22:29 PM PST

[ Parent ]
The actual platter is not much value add. (1+ / 0-)

Recommended by:
highacidity

GM and Ford make autos. The axle could be made by American Axle and the power train by Johnson Controls.

The auto is the storage system in this analogy.

Disk drive systems have controllers and software far beyond the physical drive. And this is pertinent when discussing security because the value add of EMC is THE security layer and communications subsystem.

You should know this unless you are just trying to be pedantic.

At $25 billion they are obviously much more substantial than a Western Digital at 60% of that.

"The American free market system is the greatest engine for prosperity and opportunity that the world has ever seen." - Barack Obama

by shrike on Tue Feb 17, 2015 at 02:28:08 PM PST

[ Parent ]

EMC's focus is cloud storage systems... n/t (0+ / 0-)

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 02:36:35 PM PST

[ Parent ]
I never said EMC wasn't a storage company (0+ / 0-)

It just isn't a disc drive company.

The very high end, screamingly fast, high density, low power consumption etc etc etc drives that they use are sourced from Seagate and WD.

A more accurate analogy is that Boeing first built the 747, but they did not build the engines. Those were sourced from GE and Rolls Royce. Boeing built aircraft but not the engine, those companies were two of the three big engine manufacturers at the time (in the 70s) and won the bid for the project.

https://en.wikipedia.org/...

The aircraft can't fly without the engines, but the engines are pretty worthless without an aircraft to make use of them. Bottom line though, if an airplane crashed because of the engines, it was GE or Rolls Royce that got investigated, not Boeing.

EMC obviously has a significant value add over a bare drive. But the topic of this thread is drives infected at the firmware level by malware. Modern disc drives have a hell of a lot of firmware and software, they do a lot of what controllers used to do natively. EMC wasn't on the list in this article because if an EMC storage array got infected at the drive level, it's Seagate or WD that would be flagged, not EMC.

by greblos on Tue Feb 17, 2015 at 04:01:21 PM PST

[ Parent ]

But a platter cannot become infected unless (0+ / 0-)

a virus/worm travels past the huge EMC storage ecosystem which also includes Brocade and Emulex parts.

EMC is the responsible party to IT and you know it. Seagate is a mere parts supplier.

"The American free market system is the greatest engine for prosperity and opportunity that the world has ever seen." - Barack Obama

by shrike on Tue Feb 17, 2015 at 04:41:48 PM PST

[ Parent ]

If the EMC firmware (0+ / 0-)

had been infected, the article would have said so.

The article did not. It instead listed a string of current and former disc drive manufacturers plus a SSD manufacturer.

I'm not entirely sure why you brought EMC into this discussion at all, but I've answered the ask on why they were not on the list.

That list contained every company that created a disc drive in the last decade with more than 1% market share, plus a SSD manufacturer. Some of those companies also still make SSDs, but most SSD manufacturers weren't on the list. So I'm not entirely sure what's up with Micron.

by greblos on Tue Feb 17, 2015 at 05:26:26 PM PST

[ Parent ]

I brought EMC in because the diary was misleading (0+ / 0-)

much in the same way other diaries of bobswern's are.

They are broad accusatory scare mongering diaries with the Obama administration as the culprit. I know that that disk storage systems are more secure than he says they are and EMC lack of inclusion proves it.

"The American free market system is the greatest engine for prosperity and opportunity that the world has ever seen." - Barack Obama

by shrike on Tue Feb 17, 2015 at 06:36:45 PM PST

[ Parent ]

As usual, shrike, you troll the comments... (0+ / 0-)

...in this diary with your own misleading statements in support of the status quo, general misinformation and mindless bullshit. (If this is therapeutic for you, please continue. Thankfully, the regular readers of my posts are fully aware of from whereof you speak.)

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 06:55:00 PM PST

[ Parent ]

I am not "trolling the comments" at all. (1+ / 0-)

Recommended by:
Susan G in MN

I made one comment and then responded to replies.

That is it. One single comment and no comments on those made by others in your diary (excepting that one comment of mine).

You should apologize.

"The American free market system is the greatest engine for prosperity and opportunity that the world has ever seen." - Barack Obama

by shrike on Tue Feb 17, 2015 at 07:47:42 PM PST

[ Parent ]

Double plus UNGOOD. nt (6+ / 0-)

Recommended by:
corvo, eyo, Teiresias70, stevemb, blueoasis, Situational Lefty

by martini on Tue Feb 17, 2015 at 05:52:51 AM PST
This is so wrong, yet not that surprising. (11+ / 0-)

Recommended by:
Shockwave, k9disc, kharma, corvo, stevemb, blueoasis, shaharazade, cybrestrike, Johnny Q, Mr Robert, eyo

Its more of the same attitude of disrespect for the basics of humanity. They seem to think the entire world is prison ward.

One name on the blue readout that wasn't marked was IBM. They make all kinds of control chips and basic semiconductor elements in business machines, like what banks use.

A true craftsman will meticulously construct the apparatus of his own demise.

by onionjim on Tue Feb 17, 2015 at 06:00:31 AM PST

The world is our battle field. That's a fact. nt (10+ / 0-)

Recommended by:
kharma, corvo, stevemb, blueoasis, onionjim, shaharazade, Don midwest, cybrestrike, Johnny Q, eyo

Democracy - 1 person 1 vote. Free Markets - More dollars more power.

by k9disc on Tue Feb 17, 2015 at 06:21:18 AM PST

[ Parent ]

Let's make peace tonight in a good time (4:20) (3+ / 0-)

Recommended by:
onionjim, stevemb, k9disc

by eyo on Tue Feb 17, 2015 at 07:57:49 AM PST

[ Parent ]

Running Linux or BSD can provide SOME protection (6+ / 0-)

Recommended by:
terabytes, dewtx, nchristine, CroneWit, stevemb, blueoasis

While the malicious hard drive firmware the Equation Group has developed resides "below" the OS, it has to interface with, and subvert, the OS in order to capture data and report back. The payloads discussed on Ars Technica all seem to require Windows - specific features to do this.

Although, quoting from the Kaspersky Lab Report:

All the malware we have collected so far is designed to work on Microsoft’s Windows operating system. However, there are signs that non-Windows malware does exist. For instance, one of the sinkholed C&C domains is currently receiving connections from a large pool of victims in China that appear to be Mac OS X computers (based on the user-agent) . . . This leads us to believe that a Mac OS X version of DOUBLEFANTASY also exists.
Additionally, we observed that one of the malicious forum injections, in the form of a PHP script, takes special precautions to show a different type of HTML code to Apple iPhone visitors. Unlike other cases, such as visitors from Jordan, which does not get targeted, iPhone visitors are redirected to the exploit server, suggesting the ability to infect iPhones as well.

I think it's safe to assume that Android is vulnerable as well, given the amount of proprietary code in that OS.
It should be much harder (although not necessarily impossible) to provide the data capture and reporting features of the malware on an open OS, where the system code is reviewed for such exploits. You should gain a measure of resistance by running one of the high-security distributions of Linux or BSD and not installing proprietary, closed source drivers or programs.

That said, I have a Linux system, and it's really hard to take advantage of all the features of certain hardware without resorting to proprietary drivers.

by rodentrancher on Tue Feb 17, 2015 at 06:01:01 AM PST

Not really. If you know what DMA is and (4+ / 0-)

Recommended by:
nchristine, kharma, stevemb, ozsea1

how it can be used to hijack a system then you will know that no OS is safe. You can review the code all you want, if the hardware or even the compiler is compromised then you are screwed. In fact, this was known in 1984. Just ask Ken Thompson if you don't believe me.

In other words, did you audit the compiler that compiled the compiler that compiled the compiler that compiled the compiler that compiled the compiler that compiled the compiler that compiled the compiler that compiled the compiler that compiled the compiler that compiled the compiler that compiled the compiler that compiled the compiler that compiled the compiler that compiled the compiler that compiled the compiler that compiled your OS kernel?

And even if you did, just add a few dozen more "that compiled the compiler" in there.

You have watched Faux News, now lose 2d10 SAN.

by Throw The Bums Out on Tue Feb 17, 2015 at 06:43:24 AM PST

[ Parent ]

By that line of reasoning . . . (6+ / 0-)

Recommended by:
charlatan, kharma, stevemb, blueoasis, FG, happymisanthropy

. . . because a really sophisticated thief, given enough time and resources, can get past any lock, then I might as well leave all the doors to my house open and all my money and jewelry on the dining room table every time I leave my house.

Gcc is possibly the most closely examined software there is. Is it possible that some versions have been back-doored? Sure. Is it possible that a hole could be propagated across versions, indefinitely, with hooks to interface with whatever arbitrary nastiness the NSA wants to come up with, in such a manner that no one ever catches anomalous behavior?

Yeah, it is possible. But compare that with the demonstrated ease of Windows exploits. Even the NSA doesn't have infinite resources. A soft target used by many is always going to be a priority over a much harder target used by relatively few.

Keep an eye on Kaspersky - if this exploit is ever found to be effective on a *nix/BSD system, they'll let us know.

by rodentrancher on Tue Feb 17, 2015 at 07:34:32 AM PST

[ Parent ]

The NSA effectively has infinite resources as (0+ / 0-)

well as capabilities you likely have never dreamed of. Hell, they probably already have TLL based encryption cracking systems which are the one thing capable of breaking even one time pads due to (ab)use of the Novikov self-consistency principle.

Hell, it wouldn't surprise me if they had the capability to, at this very moment, stop the 9/11 attacks from having had happened.

You have watched Faux News, now lose 2d10 SAN.

by Throw The Bums Out on Tue Feb 17, 2015 at 08:39:09 AM PST

[ Parent ]

Wrong three letters... (2+ / 0-)

Recommended by:
stevemb, middleagedhousewife

I believed you've confused "NSA" with "God".

NSA is dangerously powerful, not omnipotent.

by rodentrancher on Tue Feb 17, 2015 at 09:15:59 AM PST

[ Parent ]

Not omnipotent but decades ahead of (0+ / 0-)

everyone else. Want to bet they have already successfully unified gravity with quantum mechanics?

How would you know what they have and don't have? If they have a working knowledge of unified physics, which is highly likely, then what makes you think they don't at least have working quantum computers if not a full blown Time Loop Logic computation device?

You have watched Faux News, now lose 2d10 SAN.

by Throw The Bums Out on Tue Feb 17, 2015 at 09:20:58 AM PST

[ Parent ]

Did you ever get a chance to talk to (1+ / 0-)

Recommended by:
happymisanthropy

L. Ron Hubbard about your ideas?

by Keninoakland on Tue Feb 17, 2015 at 11:07:10 AM PST

[ Parent ]

Well if you want proof why don't you see (1+ / 0-)

Recommended by:
nchristine

how they modified the DES standard to be more resistant to differential cryptanalysis, something that the NSA had a decade before everyone else.

As for quantum computers, they exist right now though the ones known publicly to exist are extremely limited. To be specific, 56,153 is the largest number I could find that has been factored with publicly available technology. Making a more powerful one capable of cracking all encryption on the internet is just a matter of money and engineering.

As for time loop logic, while still only hypothetical in terms of publicly available science and technology the idea has been worked on by several people including a physicist at the University of Oxford (David Deutsch) who is also working on developing quantum computers.

As for impossibility, remember that NASA is doing experiments right now to determine if an Alcubierre style "warp bubble" can be created in the lab. Remember, FTL (even if done by warping/distorting space) equals time travel.

You have watched Faux News, now lose 2d10 SAN.

by Throw The Bums Out on Tue Feb 17, 2015 at 11:29:43 AM PST

[ Parent ]

no. gcc can't be compromised. (0+ / 0-)

That is a real fantasy. Too many paranoid people, many smarter than the NSA's smartest guys, work intimately with gcc code.

If you want to be paranoid about a linux utility, worry about make. But that, too, would be a longer shot.

Infecting firmware was a great idea. Infecting gcc, not so good.

by Dumbo on Tue Feb 17, 2015 at 02:18:30 PM PST

[ Parent ]

Just so people understand how this works (17+ / 0-)

Recommended by:
raboof, mrblifil, kharma, Simplify, dewtx, stevemb, blueoasis, StrayCat, CroneWit, rodentrancher, cybrestrike, nchristine, Johnny Q, Miggles, ozsea1, Dumbo, greblos

The malware isn't written to the hard drive's magnetic surface, the way your programs and data would be. It's written onto the drive's firmware, which is generally a physical IC chip on the drive's controller board (the one with all the chips and other electronic components that you plug your computer's power and data connector cables to, that moves data back and forth between your computer and the drive's magnetic platters).

Some firmware ICs can be rewritten. This is so manufacturers can update it to fix bugs, improve performance and add features, either in the factory or by the end user. You generally need special software and sometimes hardware to do this. And some ICs can't be rewritten, and have to be replaced to change the drive's firmware (but this is less common).

The question in my mind is whether the NSA has been intercepting drives (or the computers they're installed in) as they're being shipped from resellers or manufacturers to end users (who are suspected of being "evildoers"), and adding this malware to their firmware on a per-unit basis, or if it's been able to install this malware at the factory or warehouse, in bulk, without necessarily targeting drives that have been ordered by suspected "evildoers".

If it's the latter, then it basically has the ability, in theory at least (there are I'm guessing ways to defeat this), to spy on the hard drive contents of every hard drive made in the past X years. But I'm guessing that it's not so cut and dry, and it's been unable, or unwilling, to install this malware on all hard drives. That would be a logistical and spycraft nightmare, given how many hard drives are made each year and that most are made in east Asian countries and not the US. The NSA might literally not have the resources to do this, nor the political ability to get to every hard drive made. But I'm just guessing.

Any indication of which scenario it is, targeted drive or ALL drives? And, how does one find out if any of one's drives has been infected? Is there software one can run, or perhaps serial #'s one can look up?

"We have it in our power to begin the world over again." - Thomas Paine, Common Sense, 1776

by kovie on Tue Feb 17, 2015 at 06:09:31 AM PST

Remember the HBGary chat with Anonymous? (10+ / 0-)

Recommended by:
kharma, stevemb, blueoasis, shaharazade, Don midwest, CroneWit, cybrestrike, Losty, Johnny Q, eyo

Hoagland's work on a rootkit like this was referenced several times.

Democracy - 1 person 1 vote. Free Markets - More dollars more power.

by k9disc on Tue Feb 17, 2015 at 06:23:08 AM PST

[ Parent ]

I don't doubt the NSA's technical prowess (5+ / 0-)

Recommended by:
kharma, stevemb, CroneWit, cybrestrike, eyo

I'm just wondering how widespread it is and if one can detect it. And even if every drive had this on it, they'd still have to upload the data they're interested in, and it would be hard to hide it from decent packet-sniffing SW. They'd have to work with OS and SW utility firms, telcoms and even router and modem makers to hide all that from detection. That's a MASSIVE undertaking and I'm not convinced that it could be done even with its budget and skills, in terms of mass surveillance of everyone.

"We have it in our power to begin the world over again." - Thomas Paine, Common Sense, 1776

by kovie on Tue Feb 17, 2015 at 06:35:52 AM PST

[ Parent ]

"Massive undertaking" outsourced to contractors? (2+ / 0-)

Recommended by:
corvo, phenry

The Secret History of NSA Contractors

June 10, 2013
A 2010 Washington Post report found "close to 30 percent of the workforce in the intelligence agencies is contractors."
Some 5 million people hold a government security clearance, according to a 2012 report by the Director of National Intelligence. About 1.4 million people have top-secret clearance, and half of those are the employees of private businesses.

Some 480,000 contractors held top-secret credentials as of last year, and 2,000 companies supply contractors to the intelligence agencies.

by eyo on Tue Feb 17, 2015 at 08:04:37 AM PST

[ Parent ]

I don't care who does it (0+ / 0-)

so much as WHAT is being done.

"We have it in our power to begin the world over again." - Thomas Paine, Common Sense, 1776

by kovie on Tue Feb 17, 2015 at 09:03:46 AM PST

[ Parent ]

Apparently you can't find it, and who does (0+ / 0-)

packet sniffing anyway?

I think when your firmware is corrupt like this that, you really can't find the problem and can't trust any diagnostic information. Which is why it is so hard to find.

The one that Hoagland was developing changed with the clock cycle of the computer or some such convoluted and ephemeral existence and was cross platform.

That whole HBGary situation was on this very topic, I think, perhaps not the same project but the same concept.

Democracy - 1 person 1 vote. Free Markets - More dollars more power.

by k9disc on Tue Feb 17, 2015 at 01:16:34 PM PST

[ Parent ]

Um, people who choose to do packet sniffing? (0+ / 0-)

Plus I'm guessing that you can sniff the data being read from the drive to see if it corresponds to user or legitimate SW or OS-requested data.

"We have it in our power to begin the world over again." - Thomas Paine, Common Sense, 1776

by kovie on Tue Feb 17, 2015 at 04:33:13 PM PST

[ Parent ]

If that were the case how did it sit undetected (0+ / 0-)

for 14 years?

Democracy - 1 person 1 vote. Free Markets - More dollars more power.

by k9disc on Tue Feb 17, 2015 at 08:18:54 PM PST

[ Parent ]

that is an important question. (0+ / 0-)

We should know the answer soon as people inspect their drives.

It goes to a question that is almost as important, maybe more:

HOW COMPLICIT WERE THE DRIVE MANUFACTURERS, LIKE HITACHI, JAPAN, IN IMPLEMENTING THIS SABOTAGE OF THEIR PRODUCT?

Because if they facilitated it, they betrayed their customers' trust and forever tainted the reputation of their products.

Or was it an inside job, people bribed within these corporations to do things contrary to the corporation's reputation? If so, there may be foreign nationals at legal jeopardy, criminal and civil, for what is being exposed here. And rightly so.

Some people got a lot ot 'splainin' to do.

by Dumbo on Tue Feb 17, 2015 at 02:26:15 PM PST

[ Parent ]

I've got to believe that it would be nearly (0+ / 0-)

impossible to stealthily implant such malware on all drives at the factory. You'd need coverts operatives at the firmware IC maker and then the drive make in design, fabrication, testing, etc. Too many things need to go right and so many places it could be detected. Plus we're dealing with a military that couldn't detect and prevent 9/11 or win two recent wars. They're not this competent.

I'm guessing that they're intercepting drives ordered by specific entities and replacing the firmware with their own infected one. Most of the time they don't even have to physically open or replace anything (but the external packaging). They just have to flash an infected version of the firmware.

"We have it in our power to begin the world over again." - Thomas Paine, Common Sense, 1776

by kovie on Tue Feb 17, 2015 at 04:37:29 PM PST

[ Parent ]
I would say not at all complicit (1+ / 0-)

Recommended by:
kovie

Unless you assume that making firmware writable is complicit.

Disc drives have a fair amount of customization at the firmware level to meet the demands of the OEM and system integrators that buy the bulk of the drives.

So you make the drive, burn in the specific configuration for your customer (retail/distributor model have their own specs), and leave the ability to write so if there is a change down the road you can fix it (this includes a problem with the product, or a late customer demand to make a change)

It's not an easy thing to do for a normal person, but I presume that with the right skills and tools it's possible to make changes and thus malware (if it can be serviced, it can be infected).

The factories themselves are access controlled and highly automated, with lots of tests being captured through all parts of the build process. If you managed to introduce malware in the factory, it is the kind of thing that could be traced back through serial numbers (like any other kind of field failure). Enough data is captured to trace a bad lot back to the individual days the drives were created, and every single component supplier etc that went into the drive. If somebody hacked at the factory level, the shifts/runs affected is something that can be traced, and thus an "evildoer" insider is at fair risk of discovery once the problem is known (they could be long gone by then, but still).

Security's pretty good on the warehouses and distribution centers too...nobody has any reason there to hack firmware of a drive, so you'd be busting open pallets/cartons/etc and someone's likely to notice.

Likewise I don't see the logistics layer as making much sense...you can't hijack a truck, tamper with the drives, repackage them and sell them as if nothing happened.

Most likely the drives were hacked after they were sold, in position. You don't know who you want to hack until they reach their destination, after all. I suppose it's possible some OEM's or SI's got hacked during their production lines or a distributor's warehouse, but same objections to the manufacturer apply....it's traceable by batch in the factory, and it's unusual behavior in a warehouse. The geographic clumping of the compromised drives backs this theory....if it was something at the factory or warehouse level you'd have stuff scattered all over, rather than compromised drives mostly in countries the US doesn't like much, and in the homes of the kinds of folks the FBI spies on domestically.

However it was done, significant resources in actual humans seem to be needed to get the hack into the firmware. This doesn't seem like the kind of thing a botnet could do.

by greblos on Tue Feb 17, 2015 at 05:43:46 PM PST

[ Parent ]

We're talking about the NSA (1+ / 0-)

Recommended by:
cybrestrike

not hackers or terrorists. They have pretty serious resources. Still, hacking firmware in bulk seems beyond even their ability to do especially given that manufacturing is all abroad and that subcomponents are built by various firms in various locations. It would be a spycraft nightmare to do that, and would require the cooperation of various governments and firms OR unbelievable infiltration. Neither seems likely to me. And even if they could pull this off, eventually end users would find out. Maybe I'm wrong, but it just sounds so James Bondish, as in something the evil genius villain would do.

I'm sure that they'd love to get into everyone's personal, non-transmitted data. But even they must know by now that 99% of it is worthless to them and a vast misuse of resources. Better to target actual potential leads. And I can see how they'd intercept drives and other devices en route to plant spyware in them. That would be vastly easier (just don't try this at home kids).

"We have it in our power to begin the world over again." - Thomas Paine, Common Sense, 1776

by kovie on Tue Feb 17, 2015 at 07:49:31 PM PST

[ Parent ]

Thanks Bob nt (6+ / 0-)

Recommended by:
corvo, eyo, shaharazade, stevemb, bobswern, blueoasis

I voted Tuesday, November 4, 2014 because it is my right, my responsibility and because my parents moved from Alabama to Ohio to vote. Unfortunately, the republicons want to turn Ohio into Alabama.

by a2nite on Tue Feb 17, 2015 at 06:19:37 AM PST
How National Security State Outlasted Its Critics (15+ / 0-)

Recommended by:
kharma, corvo, stevemb, Medium Head Boy, blueoasis, shaharazade, AllanTBG, CroneWit, No Exit, cybrestrike, nchristine, Teiresias70, eyo, Demeter Rising, Fishtroller01

well,

I added the bold

This is one paragraph in the article. I added the white space, i.e., made the paragraph into sentences

There more things in the article and this appears under the subheading

How the National Security State Outlasted Its Critics

Consider the National Security Agency. In June 2013, it was faced with the beginning of a devastating rollout of a trove of top-secret documents exposing its inner workings.
Thanks to Edward Snowden, Americans (and Germans and Brazilians and Mexicans and Afghans) came to know that the agency had, in the post-9/11 years, set up a surveillance state for the ages, one for which the phrase Orwellian might be distinctly inadequate.

The NSA was listening in on or intercepting the communications of 35 chancellors, presidents, and other world leaders, the secretary-general of the U.N., the offices of the European Union, foreign corporations, peasants in the backlands of the planet, and oh yes, American citizens galore (and that’s just to start down a far longer list).

All of this effort has -- from the point of view of “intelligence” -- been remarkably expensive but (as far as anyone can tell) relatively useless.

Few terrorists have been found, next to no plots broken up, and little useful, actionable intelligence provided to the government, despite the yottabytes of data collected.

The whole effort should have been written off as a bust and scaled back radically.

The agency’s methods arguably violated the Constitution, made a mockery of the idea of privacy, and tore up sovereignties of every sort.

Instead, that global surveillance system remains embedded in our world and growing, its actions sanctified.

the entire article will be posted on DK but will, if history is a guide, get maybe 4 recomments and at most 2 comments.
so no fair use criticism of me for putting in another couple of paragraphs

f ever there was a system in need of “reform,” this was it. And yet the NSA has successfully outlasted the long Snowden moment without a single thing being walked back, not even the most shocking revelation for Americans: that the agency was gathering and storing their bulk phone “metadata.” A year ago, a presidential advisory board on privacy concluded that the bulk data collection was “illegal and unproductive” and recommended changes. None have yet taken place. “Reform” efforts on the NSA collapsed in Congress even before the Republicans took the Senate. As with the police, so the president has announced minor “tweaks” to the system of data collection and it’s marching right on.

Similarly, the CIA outlasted Senator Dianne Feinstein. .....
Tomgram: Engelhardt, Walking Back the American Twenty-First Century?
In Whose America?
Machine Guns, MRAPs, Surveillance, Drones, Permanent War, and a Permanent Election Campaign

by Don midwest on Tue Feb 17, 2015 at 06:25:26 AM PST
Richard Stallman is right again (10+ / 0-)

Recommended by:
corvo, rodentrancher, white blitz, eyo, shaharazade, stevemb, Losty, dconrad, Pablo Bocanegra, happymisanthropy

RMS is always right. Even when he says the craziest, most deranged thing you can possibly imagine, just mark your calendar, because within 2 years, that crazy rant will be accepted truth.

How is RMS right in this case? He advocates for all firmware to be free and open. Support coreboot.

Cynicism is as much about recognizing my own flaws as it is finding flaws in others. If I am blind to my own selfish motivations, what use is it pointing out those in others.

by ooddaa on Tue Feb 17, 2015 at 06:30:46 AM PST

Hi comrade! Hee hee, here's a link. (2+ / 0-)

Recommended by:
corvo, dconrad

coreboot.org

As an Open Source project it provides auditability and helps regaining control over technology.
Ima card-carrying member of the FSF since 2003. Linus hates them but they are needed, just like the ACLU in my opinion. I like Free software for better quality applications and support too. :)
Peace

by eyo on Tue Feb 17, 2015 at 08:13:43 AM PST

[ Parent ]
RMS is right about everything (0+ / 0-)

except wardrobe.

La majestueuse égalité des lois, qui interdit au riche comme au pauvre de coucher sous les ponts, de mendier dans les rues, et de voler du pain.

by dconrad on Tue Feb 17, 2015 at 12:26:31 PM PST

[ Parent ]

Being pretty much totally naive about this stuff, (8+ / 0-)

Recommended by:
corvo, Glen The Plumber, mrblifil, white blitz, artmartin, middleagedhousewife, stevemb, sunbro

one question did occur to me- is the Kaspersky firm totally independent and above-board, or is its location at all problematic when it comes to looking to it for cybersecurity information?

Moderation in most things.

by billmosby on Tue Feb 17, 2015 at 06:36:43 AM PST

would you trust it if it were u.s. based? (0+ / 0-)

At this point in time, being an American security corporation is the same as being an NSA client. I would rather trust Russians to tell me what bad things my government is doing. Sad, but oh well.

by Dumbo on Tue Feb 17, 2015 at 02:30:45 PM PST

[ Parent ]

Question: (10+ / 0-)

Recommended by:
billmosby, Glen The Plumber, sweatyb, middleagedhousewife, sunbro, Catte Nappe, GoGoGoEverton, highacidity, stevemb, Fogiv

Has anybody outside of Kaspersky confirmed their findings? The report may well be completely legit; it may not. I don't trust anything coming out of Russia these days.

"Much of movement conservatism is a con and the base is the marks." -- Chris Hayes

by raptavio on Tue Feb 17, 2015 at 07:04:16 AM PST

even if it is legit...where is the problem... (3+ / 0-)

Recommended by:
sunbro, GoGoGoEverton, Fogiv

they spy on us...we spy on them.

and I would expect us to be the best...sounds like the Russians are jealous.

We are not broke, we are being robbed.
~ Join Silicon Valley Kos ~

by Glen The Plumber on Tue Feb 17, 2015 at 07:20:06 AM PST

[ Parent ]

I have little issue (15+ / 0-)

Recommended by:
Glen The Plumber, JML9999, jdsnebraska, Medium Head Boy, rodentrancher, middleagedhousewife, sunbro, GoGoGoEverton, stevemb, highacidity, Fogiv, Losty, AllanTBG, BvueDem, Situational Lefty

with the NSA spying on Russia, Iran, NK, China...

Domestic, not so much.

"Much of movement conservatism is a con and the base is the marks." -- Chris Hayes

by raptavio on Tue Feb 17, 2015 at 07:21:27 AM PST

[ Parent ]

exactly...if they are spying on americans... (5+ / 0-)

Recommended by:
sunbro, GoGoGoEverton, Fogiv, middleagedhousewife, BvueDem

without a warrant...that would be a problem.

otherwise...I want them to spy on our enemies...and hope they do a good job of it.

We are not broke, we are being robbed.
~ Join Silicon Valley Kos ~

by Glen The Plumber on Tue Feb 17, 2015 at 07:24:09 AM PST

[ Parent ]

Especially since (7+ / 0-)

Recommended by:
Glen The Plumber, sunbro, GoGoGoEverton, highacidity, Fogiv, middleagedhousewife, BvueDem

China's government is practically hooking up a vacuum cleaner to the data pipes of any company doing business in China.

"Much of movement conservatism is a con and the base is the marks." -- Chris Hayes

by raptavio on Tue Feb 17, 2015 at 07:32:42 AM PST

[ Parent ]

i'm sure the Russian KGB is jealous. (2+ / 0-)

Recommended by:
happymisanthropy, kharma

Just as the Nazi Gestapo would have been jealous. Totalitarian states of all sizes and shapes must be drooling with envy. We should be so proud of being number 1. Go USA!!!

by Dumbo on Tue Feb 17, 2015 at 02:37:28 PM PST

[ Parent ]

Not sure I would trust implicitly (9+ / 0-)

Recommended by:
kharma, stevemb, billmosby, cybrestrike, Johnny Q, eyo, Pablo Bocanegra, happymisanthropy, Situational Lefty

anything coming out of anywhere.

Dogs from the street can have all the desirable qualities that one could want from pet dogs. Most adopted stray dogs are usually humble and exceptionally faithful to their owners as if they are grateful for this kindness. -- H.M. Bhumibol Adulyadej

by corvo on Tue Feb 17, 2015 at 07:49:28 AM PST

[ Parent ]
Kaspersky is considered quite trustworthy. (6+ / 0-)

Recommended by:
Glen The Plumber, raptavio, Fogiv, middleagedhousewife, GoGoGoEverton, dconrad

It's just that their report doesn't say what people seem to assume it says.

by phenry on Tue Feb 17, 2015 at 08:51:50 AM PST

[ Parent ]

What do you think of the Ars reporting... (1+ / 0-)

Recommended by:
Glen The Plumber

... on the story?

Misled Into War: A Timeline/DowningStreetMemo.com

by highacidity on Tue Feb 17, 2015 at 09:39:23 AM PST

[ Parent ]

It looks well-researched (4+ / 0-)

Recommended by:
Fogiv, Glen The Plumber, sunbro, highacidity

and, to its credit, it conspicuously lacks the "...and therefore the NSA must be hacking everyone everywhere OMG OMG" tone that permeates this diary.

by phenry on Tue Feb 17, 2015 at 10:09:57 AM PST

[ Parent ]

You spent a lot of time in the comments... (10+ / 0-)

Recommended by:
corvo, Tool, dconrad, cybrestrike, Johnny Q, Pablo Bocanegra, protectspice, happymisanthropy, sonicfan515, kharma

...of this diary making statements about what's reported here that TOTALLY DISTORT what's reported here. Rinse. Repeat.

Try harder.

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 10:32:39 AM PST

[ Parent ]

You're right. I was wrong. (3+ / 0-)

Recommended by:
Fogiv, Glen The Plumber, sunbro

This diary is actually a neutral, dispassionate examination of recent developments in malware propagation techniques. That's why it only has a total of six comments, all from levelheaded computer security experts who know what they're talking about and haven't misinterpreted anything.

by phenry on Tue Feb 17, 2015 at 10:44:34 AM PST

[ Parent ]

What would we do without you (7+ / 0-)

Recommended by:
jrooth, dconrad, cybrestrike, Pablo Bocanegra, bobswern, protectspice, kharma

to make sure we all view the behavior of our government with nothing but neutrality?

You underestimate the intelligence of the readership, which is insulting enough, but you seem to have appointed yourself as the "neutrality police" as well.

No, the fact is smart people don't have misplaced trust of US intentions. Smart people don't think they're spying on every single computer. But smart people want to know what their capabilities are, because some of us are not stupid enough to think the US would not use these capabilities in extrajudicial applications.

If you took the most ardent revolutionary, vested him in absolute power, within a year he would be worse than the Tsar himself. - Mikhail Bakunin

by ZhenRen on Tue Feb 17, 2015 at 10:57:34 AM PST

[ Parent ]

It's good to question their findings... (4+ / 0-)

Recommended by:
middleagedhousewife, bobswern, cybrestrike, Glen The Plumber

... especially since they're based in a nation whose government is headed by Vladamir Putin and his cohort. But, having said that, Kaspersky is considered very trustworthy, IMVHO.

We should pay serious attention to what they say.

Misled Into War: A Timeline/DowningStreetMemo.com

by highacidity on Tue Feb 17, 2015 at 09:38:47 AM PST

[ Parent ]

Kaspersky is (3+ / 0-)

Recommended by:
Keninoakland, sunbro, highacidity

and given I'm in the industry I know to trust the name for a long time. But things have changed. Putin is still Putin, regardless of Kaspersky's reputation.

"Much of movement conservatism is a con and the base is the marks." -- Chris Hayes

by raptavio on Tue Feb 17, 2015 at 09:43:14 AM PST

[ Parent ]

Borderline CT. I guess vodka has mind... (6+ / 0-)

Recommended by:
corvo, cybrestrike, Johnny Q, Pablo Bocanegra, protectspice, happymisanthropy

controlling drugs because Putin.

There is nothing which I dread so much as a division of the republic into two great parties.. This...is to be dreaded as the greatest political evil under our Constitution.--John Adams

by kharma on Tue Feb 17, 2015 at 10:10:19 AM PST

[ Parent ]

No (4+ / 0-)

Recommended by:
middleagedhousewife, Glen The Plumber, sunbro, highacidity

Putin has an army behind him and has demonstrably wrested control of the press by simple strong-arm tactics. Kaspersky is located in Putin's domain and can in fact be intimidated by him.

This is why independent verification is sound.

"Much of movement conservatism is a con and the base is the marks." -- Chris Hayes

by raptavio on Tue Feb 17, 2015 at 10:20:52 AM PST

[ Parent ]

Yeah, let's ignore the REUTERS story... (8+ / 0-)

Recommended by:
kharma, corvo, cybrestrike, Johnny Q, Pablo Bocanegra, protectspice, Dumbo, happymisanthropy

...and the facts presented in it! (Confirmation from two sources inside the intelligence community...oh, that!)

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 10:34:10 AM PST

[ Parent ]

Hey, chill bro. (3+ / 0-)

Recommended by:
sunbro, phenry, highacidity

No need for the aggression.

"Much of movement conservatism is a con and the base is the marks." -- Chris Hayes

by raptavio on Tue Feb 17, 2015 at 10:51:33 AM PST

[ Parent ]

Aggression? LOL! This is me being nice... ;-) n/t (2+ / 0-)

Recommended by:
cybrestrike, Johnny Q

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 11:44:57 AM PST

[ Parent ]

But you had fangs and they were dripping blood. (3+ / 0-)

Recommended by:
bobswern, sunbro, highacidity

It scareded me.

"Much of movement conservatism is a con and the base is the marks." -- Chris Hayes

by raptavio on Tue Feb 17, 2015 at 11:59:02 AM PST

[ Parent ]

4th Amendment (13+ / 0-)

Recommended by:
kharma, corvo, Simplify, reflectionsv37, stevemb, Medium Head Boy, AllanTBG, CroneWit, cybrestrike, Johnny Q, eyo, wayoutinthestix, happymisanthropy

The original 4th Amendment:

"The right of the people to be secure in their persons, houses, papers, and effects,[a] against unreasonable searches and seizures, shall not be violated, and no Warrants shall issue, but upon probable cause, supported by Oath or affirmation, and particularly describing the place to be searched, and the persons or things to be seized."

The new, NSA version:

"All communications, papers, documents, effects, and data have no expectation of privacy and may be searched at any time without a Warrant."

The NSA lied to Congress, a felony, and nothing happened. The special Court set up just to oversee the NSA said the NSA violates the Constitution on a regular basis, nothing was done. The Court also complained that the NSA lied to them, nothing was done.

The NSA is a rogue agency that has gone beyond the capability of the US government to control. No Presidential order, no Congressional Law, no Court finding will have any effect on the NSA at all.

Congress can agree on the Koch's big project, but not on America's national security. Figures.

by billpalto on Tue Feb 17, 2015 at 07:20:59 AM PST

But it's cool, dude (0+ / 0-)

they aren't doing this to literally every computer.

... The Meritocrats!

by happymisanthropy on Tue Feb 17, 2015 at 07:26:30 PM PST

[ Parent ]

I'm sure Kaspersky's detailed expose... (11+ / 0-)

Recommended by:
Glen The Plumber, artmartin, sweatyb, sunbro, eyo, Catte Nappe, FreeSpeaker, Unduna, middleagedhousewife, Keninoakland, jan4insight

…on Russian and Chinese intelligence agency computer hacking in foreign countries will be next.

by MemoryCells on Tue Feb 17, 2015 at 07:21:36 AM PST

Exactly. nt (1+ / 0-)

Recommended by:
eyo

-4.75, -5.33 Cheney 10/05/04: "I have not suggested there is a connection between Iraq and 9/11."

by sunbro on Tue Feb 17, 2015 at 08:29:15 AM PST

[ Parent ]
Kaspersky is actually okay with hacks (0+ / 0-)

as long as the originate from the Kremlin.

-4.75, -5.33 Cheney 10/05/04: "I have not suggested there is a connection between Iraq and 9/11."

by sunbro on Tue Feb 17, 2015 at 09:00:05 AM PST

[ Parent ]
Outsourced (2+ / 0-)

Recommended by:
nchristine, stevemb

And remember where motherboards are assembled, where computers are produced, etc. There is no way to determine where the operatives of the Russian, Chinese, Israeli, European or American intelligence agencies have penetrated the manufacturing processes. And of course there would be no reason for a former KGB, Russian military operative to conceal anything done by his former employers who can at the nod of their collective heads shut him down anytime.

by FreeSpeaker on Tue Feb 17, 2015 at 09:02:24 AM PST

[ Parent ]
This isn't about global politics. (2+ / 0-)

Recommended by:
Keninoakland, jan4insight

Kaspersky, who was trained by the KGB and is a friend of Vladimir Putin (who regularly jails political opponents and crushes dissension in his own country), is simply concerned about the privacy of U.S. individuals.

-4.75, -5.33 Cheney 10/05/04: "I have not suggested there is a connection between Iraq and 9/11."

by sunbro on Tue Feb 17, 2015 at 09:42:13 AM PST

[ Parent ]

Good Snark (2+ / 0-)

Recommended by:
sunbro, jan4insight

by FreeSpeaker on Tue Feb 17, 2015 at 10:01:55 AM PST

[ Parent ]

Spending Billions annually on all this wizbang (9+ / 0-)

Recommended by:
DRo, corvo, billmosby, Catte Nappe, highacidity, Johnny Q, happymisanthropy, bobswern, jan4insight

which can circumvented by two morons armed with

Grannie's pressure cooker
Couple of pounds of fireworks
a pile of sharp pointy things from the dollar store.

I want 1 less Tiny Coffin, Why Don't You? Support The President's Gun Violence Plan.

by JML9999 on Tue Feb 17, 2015 at 07:23:26 AM PST

Even more now, since the Copenhagen (5+ / 0-)

Recommended by:
corvo, JML9999, kharma, bobswern, jan4insight

shooter apparently only left "actionable intelligence" on the internet as he went out the door to go shooting.

Moderation in most things.

by billmosby on Tue Feb 17, 2015 at 08:17:33 AM PST

[ Parent ]

I remember reading that Snowden (3+ / 0-)

Recommended by:
corvo, middleagedhousewife, stevemb

had a rather elaborate computer system set up so that he could protect his location within Russia. It appears that even he, with all his expertise has been kidding himself and could be grabbed any time the US wants him.

"Gods are fragile things; they may be killed by a whiff of science or a dose of common sense. They thrive on servility and shrink before independence." Chapman Cohen

by Fishtroller01 on Tue Feb 17, 2015 at 07:29:21 AM PST

well, except that we'd have to have (12+ / 0-)

Recommended by:
native, kharma, Simplify, stevemb, middleagedhousewife, cybrestrike, Johnny Q, Mr Robert, eyo, Fishtroller01, Pablo Bocanegra, protectspice

the wetware wherewithal to kidnap him and smuggle him out of the country; and drone-bombing him would be just too obvious.

Dogs from the street can have all the desirable qualities that one could want from pet dogs. Most adopted stray dogs are usually humble and exceptionally faithful to their owners as if they are grateful for this kindness. -- H.M. Bhumibol Adulyadej

by corvo on Tue Feb 17, 2015 at 07:50:51 AM PST

[ Parent ]

True... I had hoped that he would (4+ / 0-)

Recommended by:
corvo, native, stevemb, kharma

have been able to move elsewhere by now, but it may be that he is in the safest place he can be and a move might be extremely risky.

"Gods are fragile things; they may be killed by a whiff of science or a dose of common sense. They thrive on servility and shrink before independence." Chapman Cohen

by Fishtroller01 on Tue Feb 17, 2015 at 07:52:54 AM PST

[ Parent ]

He's in the only possible safe place (7+ / 0-)

Recommended by:
stevemb, middleagedhousewife, billmosby, cybrestrike, eyo, Fishtroller01, kharma

on the planet that will have him (China might qualify, but China doesn't want him), and that lasts only as long as the good will of whoever is running Russia.

Dogs from the street can have all the desirable qualities that one could want from pet dogs. Most adopted stray dogs are usually humble and exceptionally faithful to their owners as if they are grateful for this kindness. -- H.M. Bhumibol Adulyadej

by corvo on Tue Feb 17, 2015 at 07:59:12 AM PST

[ Parent ]

Which means that (3+ / 0-)

Recommended by:
corvo, stevemb, sunbro

either what he says in the future will become more and more suspect

or that he will disappear.

Moderation in most things.

by billmosby on Tue Feb 17, 2015 at 08:18:54 AM PST

[ Parent ]

"what he says in the future" (7+ / 0-)

Recommended by:
corvo, stevemb, kharma, billmosby, dconrad, Pablo Bocanegra, cybrestrike

He dumped all the documents upon leaving. Since then it's the dumpee's job to get the words out. They are doing some fine work with little bites of big information, I think. Not done yet, obviously. Three cheers for Ed Snowden, my hero,

Hip hip hooray! Hip hip hooray! Hip hip hooray! Let it ring. I will be at the front of the parade for him when he comes home.

by eyo on Tue Feb 17, 2015 at 09:04:03 AM PST

[ Parent ]

Unfortunately (7+ / 0-)

Recommended by:
kharma, stevemb, cybrestrike, Johnny Q, eyo, Pablo Bocanegra, protectspice

he'll never be coming home, unless we have a black site for him here, in which case we'll never hear that he "came home."

Dogs from the street can have all the desirable qualities that one could want from pet dogs. Most adopted stray dogs are usually humble and exceptionally faithful to their owners as if they are grateful for this kindness. -- H.M. Bhumibol Adulyadej

by corvo on Tue Feb 17, 2015 at 09:28:26 AM PST

[ Parent ]

He's probably lucky he never made it to Equador. (3+ / 0-)

Recommended by:
corvo, stevemb, kharma

by native on Tue Feb 17, 2015 at 08:57:45 AM PST

[ Parent ]

For the technically minded . . . . (18+ / 0-)

Recommended by:
native, highacidity, kharma, Catte Nappe, corvo, basquebob, reflectionsv37, Tool, blueoasis, AllanTBG, dconrad, rodentrancher, billmosby, cybrestrike, Mr Robert, eyo, Demeter Rising, wayoutinthestix

A year and a half ago, a hacker with the handle [SPRITE_TM] posted a fascinating hack on a hard drive.

Like many geeks, he had a pile of worn-out, broken-down hard drives. One day he decided to see what he could do with one of them.

People assume that a modern hard drive is a simple, passive, piece of hardware. However, merely having a cache implies there must be a microprocessor in there to manage it. But could this microprocessor be harnessed to run a standard operating system such as Linux? That was his challenge.

Anyway, for the technically minded, his story makes a fascinating read: http://spritesmods.com/?art=hddhack

It's just like a detective story. When I first read it, I kept thinking, "Should people know that such things are possible?" since it could be easily turned to mischief. I should have known, though, that the NSA would get there first.

None of this makes a bit of difference if they don't count your vote.

by Toddlerbob on Tue Feb 17, 2015 at 07:43:17 AM PST
Enemy of the State (10+ / 0-)

Recommended by:
kharma, corvo, stevemb, Tool, blueoasis, dconrad, cybrestrike, defluxion10, happymisanthropy, Don midwest

Remember that movie of several years ago starring Will Smith and Gene Hackman? About prevalent surveillance in the hands of a corrupt politician (aptly enough played by the odious Jon Voight)? Turns out it was a documentary, I guess.

by geordie on Tue Feb 17, 2015 at 07:43:48 AM PST

Brill: I blew up the building. (3+ / 0-)

Recommended by:
defluxion10, kharma, Don midwest

Dean: Why?

Brill: Because you made a phone call.

Love that movie. :)

La majestueuse égalité des lois, qui interdit au riche comme au pauvre de coucher sous les ponts, de mendier dans les rues, et de voler du pain.

by dconrad on Tue Feb 17, 2015 at 12:32:20 PM PST

[ Parent ]

If they can grab encryption keys (9+ / 0-)

Recommended by:
native, Shockwave, kharma, stevemb, middleagedhousewife, billmosby, cybrestrike, eyo, Don midwest

why are they so fussed about people using encryption?

A mighty woman with a torch, whose flame/Is the imprisoned lightning, and her name/Mother of Exiles.

by SouthernLiberalinMD on Tue Feb 17, 2015 at 07:45:23 AM PST

"OPSEC". (6+ / 0-)

Recommended by:
corvo, stevemb, cybrestrike, SouthernLiberalinMD, eyo, Don midwest

Operations security. Leaving as few clues as possible to be mulled over, pieced together, etc.

Moderation in most things.

by billmosby on Tue Feb 17, 2015 at 08:20:38 AM PST

[ Parent ]

Always suspected the best hackers would be (3+ / 0-)

Recommended by:
eyo, stevemb, Don midwest

the USA government.

I'm not a member of any organized political party. I'm a democrat. Will Rogers

by thestructureguy on Tue Feb 17, 2015 at 07:46:29 AM PST
And I used to get hammered here -- in a previous (8+ / 0-)

Recommended by:
corvo, kharma, reflectionsv37, stevemb, blueoasis, El Zmuenga, dconrad, Don midwest

incarnation -- for using the word "fascist" to describe RW/authoritarian practices.

"Fascist" isn't even the start of it. They had nothing like this.

"Big Brother" gets closer. You gotta get to fiction to find this level of intrusion on personal assets and information.

And there's no accountability, no honesty, no limit to what can happen supporting blackmail or assassinations.

Amazing. I read "1984" as a kid. Lived to see it happening. And since the Dems and the GOPers are getting set to offer us Hereditary Dynasty candidates, it's not all that twisted to think that Fasco-Monarchy is their next check in the mail for us.

"What the big gun lovers are doing is idolatry. It is a false religion, un-Christian. Their worship of 2nd Amendment firearms slaughters as many innocents in America as ISIL kills in the Levant."

by waterstreet2008 on Tue Feb 17, 2015 at 07:49:43 AM PST

'In a previous incarnation?' (2+ / 0-)

Recommended by:
phenry, waterstreet2008

Meaning this account is a zombie/sock?

by GoGoGoEverton on Tue Feb 17, 2015 at 08:46:48 AM PST

[ Parent ]

DKOS has several ways to respond to ganging (13+ / 0-)

Recommended by:
corvo, stevemb, kfunk937, GoGoGoEverton, kharma, jrooth, run around, basquebob, quince, blueoasis, cville townie, Don midwest, cybrestrike

up on an account. The change was recommended after one ganging-up sequence fell over to real-world stalking. I had to change phone # and ISP address too.

And you can change your tag yourself, long as you stop using the old tag.

"What the big gun lovers are doing is idolatry. It is a false religion, un-Christian. Their worship of 2nd Amendment firearms slaughters as many innocents in America as ISIL kills in the Levant."

by waterstreet2008 on Tue Feb 17, 2015 at 09:22:34 AM PST

[ Parent ]

10-4. Did you let (1+ / 0-)

Recommended by:
waterstreet2008

admin know when you were doing it? Just wondering, I don't think you have to.

Sorry about your problems with stalkers.

by GoGoGoEverton on Tue Feb 17, 2015 at 10:09:13 AM PST

[ Parent ]

You just made a helpdesk thread… (10+ / 0-)

Recommended by:
cybrestrike, Johnny Q, Mr Robert, BradyB, Pablo Bocanegra, waterstreet2008, cville townie, Clive all hat no horse Rodeo, kharma, corvo

…letting them know for him, didn't you?

Somebody has to do something, and it's just incredibly pathetic that it has to be us. ~ Garcia

by DeadHead on Tue Feb 17, 2015 at 10:59:03 AM PST

[ Parent ]
You are not required (6+ / 0-)

Recommended by:
cybrestrike, DeadHead, waterstreet2008, Demeter Rising, Clive all hat no horse Rodeo, corvo

Unless the rules have changed, you just have to completely stop using the old account (never going back to it).

by quince on Tue Feb 17, 2015 at 11:12:36 AM PST

[ Parent ]

Very fast, was that one, to accuse you of the s... (5+ / 1-)

Recommended by:
waterstreet2008, cville townie, kharma, Don midwest, corvo

Hidden by:
Tortmaster

Very fast, was that one, to accuse you of the shadow they themselves very likely cast....

by Occulus on Tue Feb 17, 2015 at 10:46:39 AM PST

[ Parent ]

Go ahead, say it. (0+ / 0-)

by GoGoGoEverton on Tue Feb 17, 2015 at 12:30:33 PM PST

[ Parent ]

You're in a provocative, stirring, trolling mood (5+ / 0-)

Recommended by:
Pablo Bocanegra, waterstreet2008, DeadHead, cville townie, kharma

today. Also, team pie-fighting.

I'm uprating Occulus' accusation, as you're proving him right, for now.

by Brecht on Tue Feb 17, 2015 at 01:04:22 PM PST

[ Parent ]

There's Brecht (0+ / 0-)

once again justifying comments he'd otherwise HR because Brecht reasons.

by GoGoGoEverton on Tue Feb 17, 2015 at 01:05:35 PM PST

[ Parent ]

Now you're proving me right. (5+ / 0-)

Recommended by:
Pablo Bocanegra, waterstreet2008, DeadHead, cville townie, kharma

by Brecht on Tue Feb 17, 2015 at 01:07:00 PM PST

[ Parent ]

Cummon. "Zombie/sock" is proof that someone (2+ / 0-)

Recommended by:
cville townie, corvo

is taking his online play time rather seriously.

(Visual memory replays the headbanger gif....)

"What the big gun lovers are doing is idolatry. It is a false religion, un-Christian. Their worship of 2nd Amendment firearms slaughters as many innocents in America as ISIL kills in the Levant."

by waterstreet2008 on Tue Feb 17, 2015 at 02:43:17 PM PST

[ Parent ]
Proof. An allegation isn't proof. (0+ / 0-)

Irony isn't proof either.

Watching Fox News is an Act of Racism.

by Tortmaster on Wed Feb 18, 2015 at 03:23:46 AM PST

[ Parent ]

LOL, waterstreet! You are going ... (0+ / 0-)

... directly against the grain of thousands of years of conspiracy theory. You, instead, are apparently claiming there's a nascent conspiracy to create a monarchy.

And the rest of your argument is strange, as you completely ignore context. When you slap a fanny on the football field, it's called camaraderie, but if you do it in the office, it's called you're fired.

But, then again, this whole diary and most of the comments lack context. Carry on.

Watching Fox News is an Act of Racism.

by Tortmaster on Wed Feb 18, 2015 at 02:53:13 AM PST

[ Parent ]
By the by, it took Orwell ... (1+ / 0-)

Recommended by:
waterstreet2008

... four paragraphs to detail a juicy governmental violation of constitutional rights. It's been, let's see, twenty months--it's really been that long--since Snowden arrived on the scene to document a grand total of zero intentional constitutional violations by the Government.

But I agree, what this diary and these comments lack in context, they more than make up in hyperbole.

Here's what you might find in the fourth paragraph of 1984:

"In the far distance a helicopter skimmed down between the roofs, hovered for an instant like a bluebottle, and darted away again with a curving flight. It was the police patrol, snooping into people’s windows."

Watching Fox News is an Act of Racism.

by Tortmaster on Wed Feb 18, 2015 at 03:21:35 AM PST

[ Parent ]

Now they use the Smart T.V.s. (1+ / 0-)

Recommended by:
Tortmaster

I'm so relieved. No noise pollution, eh?

NSA lied to Congress repeatedly and precisely because they were spending a big chunk of their appropriations money on "intentional constitutional violations by the Government."

Of course they have stopped. They are honorable men. They love our Congress.

"What the big gun lovers are doing is idolatry. It is a false religion, un-Christian. Their worship of 2nd Amendment firearms slaughters as many innocents in America as ISIL kills in the Levant."

by waterstreet2008 on Wed Feb 18, 2015 at 09:32:07 AM PST

[ Parent ]

Even Snowden has given up ... (0+ / 0-)

... on the NSA lied to Congress trope. You should too, waterstreet2008. In a June 2014 interview, Snowden finally acknowledged that at least Congressional Intelligence Committees were informed about the programs. He said:

"[T]he NSA is playing games ... interpreting laws in secret, without asking public [sic], without talking to the majority of Congress, and the only people that the public has [sic] to rely on as advocates, are two intelligence committees...."
Of course, Snowden managed to get that wrong. There are four congressional committees that are apprised of NSA activities.

Watching Fox News is an Act of Racism.

by Tortmaster on Wed Feb 18, 2015 at 08:30:13 PM PST

[ Parent ]

That's funny !! (0+ / 0-)

"What the big gun lovers are doing is idolatry. It is a false religion, un-Christian. Their worship of 2nd Amendment firearms slaughters as many innocents in America as ISIL kills in the Levant."

by waterstreet2008 on Sat Feb 21, 2015 at 05:43:07 AM PST

[ Parent ]

Backdoors have been planted for decades (9+ / 0-)

Recommended by:
native, highacidity, corvo, stevemb, AllanTBG, cybrestrike, Johnny Q, eyo, kharma

Still, crypto keys in firmware were supposed to be somewhat resistant.

And then there is Apple;

The FBI and NSA Hate Apple’s Plan to Keep Your iPhone Data Secret

Apple released the iPhone 6 with a new, powerful encryption setting that should make it much harder for law enforcement and surveillance groups like the FBI and the NSA from accessing users’ emails, photos and contacts. After the Edward Snowden revelations last year, privacy-minded users may be happy about the new feature, but the law enforcement community is decidedly not.

Daily Kos an oasis of truth. Truth that leads to action. UID: 9742

by Shockwave on Tue Feb 17, 2015 at 08:11:39 AM PST
Kasperky is actually a Russian company? (4+ / 0-)

Recommended by:
sunbro, merrywidow, Rejoinder, jan4insight

I did not know that. I always figured they just had a Russian name. Now I'll know to avoid them in the future. I figure any Russian company will do whatever Putin says or the CEO will end up like Mikhail Khordokovsky.

Thanks for the heads up!

by Jose Padilla on Tue Feb 17, 2015 at 08:33:00 AM PST

Oh that Evil Empire again. Go get em cowboy! (8+ / 0-)

Recommended by:
El Zmuenga, kharma, corvo, PJEvans, cybrestrike, Johnny Q, protectspice, Little

by native on Tue Feb 17, 2015 at 09:12:20 AM PST

[ Parent ]

Yippee ki yay, well you know the rest. (1+ / 0-)

Recommended by:
kharma

by Jose Padilla on Tue Feb 17, 2015 at 12:11:45 PM PST

[ Parent ]

they're respected (2+ / 0-)

Recommended by:
happymisanthropy, kharma

and highly-ranked internationally.
They have locations outside Russia, too.

(Is it time for the pitchforks and torches yet?)

by PJEvans on Tue Feb 17, 2015 at 12:51:37 PM PST

[ Parent ]

From the first time I ever entered cyberspace, (7+ / 0-)

Recommended by:
billmosby, linkage, nchristine, corvo, annominous, jan4insight, kharma

I have always assumed that all my activities therein would be utterly transparent to anyone who cared to take notice of them. I believe it is in the very nature of this new beast to reveal, and that if you don't wish what you are doing on it and with it to be revealed, you shouldn't be using it.

People have gotten so accustomed to exchanging information privately, using previous technologies, they fail to notice that this is inherently impossible when using the new technology. "Email" for instance, only superficially resembles postal mail -- it is in fact an entirely different creature, and doesn't behave the same way at all. The first motor cars resembled horse drawn carriages, and were even called horseless carriages.

"Hacking" of all kinds, governmental and otherwise, appears to be a rapidly expanding field of enterprise, and society (or civilization if you will) will somehow need to devise methods to either control or prevent it. First we would need to more precisely and legally define what hacking is.

by native on Tue Feb 17, 2015 at 08:34:57 AM PST
Interesting (11+ / 0-)

Recommended by:
kharma, Occulus, corvo, sunbro, blueoasis, PJEvans, cybrestrike, eyo, protectspice, Little, Situational Lefty

the constant assocation of the term Russian in describing Kaspersky, which has been providing computer security internationally and with integrity for many years now.

Looks like we're heading for a high tech cold war.

Is revolution enhanced politics?

by Publius2008 on Tue Feb 17, 2015 at 08:40:17 AM PST

Perhaps that's because... (3+ / 0-)

Recommended by:
highacidity, middleagedhousewife, sunbro

...Kaspersky is a Russian company.

by phenry on Tue Feb 17, 2015 at 08:53:09 AM PST

[ Parent ]
Comes from the association of Kaspersky (5+ / 0-)

Recommended by:
Glen The Plumber, highacidity, middleagedhousewife, Keninoakland, sunbro

with "based in Moscow".

I'm a Russophile and have worked in Russia in the past, at 3 different uranium enrichment plants, in circumstances (HEU Transparency monitoring) I have related several times on DailyKos. At one of those plants, a director was found killed gangland-style. He had contracted with a certain supplier for something or other and it was not one of the "approved" ones. That happened in 2005.

So anything that comes out of that country can stand to be questioned just a little, in my humble opinion.

Moderation in most things.

by billmosby on Tue Feb 17, 2015 at 08:57:29 AM PST

[ Parent ]

meanwhile, nobody killed Karen Silkwood n/t (8+ / 0-)

Recommended by:
El Zmuenga, kharma, stevemb, blueoasis, billmosby, cybrestrike, Johnny Q, protectspice

Dogs from the street can have all the desirable qualities that one could want from pet dogs. Most adopted stray dogs are usually humble and exceptionally faithful to their owners as if they are grateful for this kindness. -- H.M. Bhumibol Adulyadej

by corvo on Tue Feb 17, 2015 at 09:36:16 AM PST

[ Parent ]

Or King or Kennedy or Kennedy or... (0+ / 0-)

(insert your own more relevant examples; as a geezer those are always the ones that pop out of my mind first...)

There are a lot of institutions I don't trust in this country as well. I have always considered computer security firms as at least having a built-in conflict of interest when it comes to telling us about threats, for example.

I suspected Colin Powell wasn't giving us accurate info on Iraq WMDs, because of where he was getting the info from.

And on and on.

I just naively use Macs and hope for the best. I did have to remove some ad tracking nuisance ware a month or so ago, it came in with a legitimate piece of software I bought online. But normally I either have no problems with malicious software or they don't impact my operations; my accounts always seem to have the right amount of money in them, and so on.

Getting headache now, must stop. lol

Moderation in most things.

by billmosby on Tue Feb 17, 2015 at 10:17:35 AM PST

[ Parent ]

You didn't get the memo. (4+ / 0-)

Recommended by:
cybrestrike, Johnny Q, protectspice, kharma

Of course King, Kennedy, and Kennedy were killed. Lone gunman. Y'hear that? LONE GUNMAN. Usually with a helpful diary.

But Silkwood? Nope. Just ran off the road. Ignore the fresh scrapes on the back of the car; ignore the documents that went missing. And didn't the police say she had drugs on her? And if you can't believe the police, whom can you believe?

;-)

Dogs from the street can have all the desirable qualities that one could want from pet dogs. Most adopted stray dogs are usually humble and exceptionally faithful to their owners as if they are grateful for this kindness. -- H.M. Bhumibol Adulyadej

by corvo on Tue Feb 17, 2015 at 10:22:28 AM PST

[ Parent ]

I know. Like I said, those weren't really (0+ / 0-)

relevant.

I also said I didn't trust a lot of institutions here.

Let me agree in peace, willya?

Moderation in most things.

by billmosby on Tue Feb 17, 2015 at 10:24:45 AM PST

[ Parent ]

Unfortunately, I consider our own nation's (9+ / 0-)

Recommended by:
kharma, corvo, stevemb, blueoasis, PJEvans, billmosby, cybrestrike, Johnny Q, happymisanthropy

National Security apparatus to be equally, or almost equally questionable. Data can be valid or invalid, regardless of the source.

by native on Tue Feb 17, 2015 at 09:36:50 AM PST

[ Parent ]

Heading.... It's probably well beyond that now. (3+ / 0-)

Recommended by:
corvo, stevemb, cybrestrike

Only now it's coming to light as it's not as obvious as planting nukes in people's back yards, or bomb shelters. NSA probably wanted to keep this crap under wraps as long as possible because the tech can be used against its own citizens, whereas nuke bombs, in general, can be explained away.

My suncatchers - Kos Katalog

by nchristine on Tue Feb 17, 2015 at 09:24:45 AM PST

[ Parent ]

Serveral years ago (13+ / 0-)

Recommended by:
native, kharma, corvo, stevemb, blueoasis, AllanTBG, linkage, cybrestrike, eyo, cville townie, bobswern, Situational Lefty, Don midwest

both my and my husbands computers were infected with some Russian? (who knows) virus, worm or god awful havoc reaking attack. The geeks we use down the street cleaned our computers up and installed Kaspersky. I took it off as it was a pain in the ass and slowed down xp but husband still has it and has remained virus free since then.

I find it ironic at a time when the cold war is being rekindled and Putin is the devil de jour that Kaspersky Lab a Russian company has revealed this latest spooky cyber attack that our very own 'security state' is using to keep us safe. Cyber wars and real time so called wars are being waged on nation states, humans and the planet under the absurd guise of the GWOT or protection. What a racket, what a con. Everything is now a war.

One thing for sure CT has become reality, no one seems capable of reining in the forces unleashed by the now all powerful security state that has declared war virtual and real on 'the world as we know it.' Next up TPP wherein the quaint idea of sovereignty will become illegal and our national interest's will become acts of terror against the global multinational real terrorists. 'Paranoia runs deep into your life it will creep'. Brazil the movie is the new reality.

Thanks Bob I guess? At this point the surreal has become real. The enemy is indistinguishable to ordinary people as it has become the inevitable endless forever war against anything that threatens the mechanism's put in place all to keep us safe.

by shaharazade on Tue Feb 17, 2015 at 08:54:37 AM PST

Pay attention to the names of the users here de... (7+ / 0-)

Recommended by:
Tool, cybrestrike, cville townie, protectspice, shaharazade, Don midwest, kharma

Pay attention to the names of the users here deciding Kapersky Labs for the fact they're based in Russia, and especially to their positions and comments on other topics in other diaries. In particular, compare the behaviors of GoGoGoEverton, phenry, and WinSmith in this to their comments elsewhere.
It's obvious even to a blind rabbit when you know what to look for.

by Occulus on Tue Feb 17, 2015 at 10:51:24 AM PST

[ Parent ]
you might have had (1+ / 0-)

Recommended by:
kharma

other problems. I've never had any problems with Kaspersky's software.

(Is it time for the pitchforks and torches yet?)

by PJEvans on Tue Feb 17, 2015 at 12:50:03 PM PST

[ Parent ]

Us either (2+ / 0-)

Recommended by:
Don midwest, kharma

the virus that infected our computers had nothing to do with Kaspersky's awesome anti-virus software. It was a altogether different bug that at the time was billed as coming form Russia. I just find it kind of humorous that the company that is revealing this latest NSA hackivism is from the same country that is now our enemy again. I noticed on the map of country's at Ars Technica, the Russians are listed as heavy recipients of the 'Equation Groups' advanced hacking operation.

The cold war is heating up and the spooks need to know when the Russians are coming once again. (snark)

by shaharazade on Tue Feb 17, 2015 at 05:03:27 PM PST

[ Parent ]

Why is this important? (4+ / 0-)

Recommended by:
native, merrywidow, Glen The Plumber, sunbro

Why wouldn't our spy agencies be able to hack just about everything? Why wouldn't we want them to be able to hack just about anything?

by chrswlf on Tue Feb 17, 2015 at 08:58:08 AM PST

Exactly. (2+ / 0-)

Recommended by:
Glen The Plumber, sunbro

"The poor can never be made to suffer enough." Jimmy Breslin

by merrywidow on Tue Feb 17, 2015 at 09:22:24 AM PST

[ Parent ]
I, personally, don't have a problem with hacking (10+ / 0-)

Recommended by:
stevemb, native, corvo, kharma, Tool, happymisanthropy, bobswern, Situational Lefty, Teiresias70, cybrestrike

into Iran's networks for security intel. What I do have a problem with is that the NSA has routinely shown that they don't give a damn about any rules set down by anyone. They are just as happy to hack a US Senator as the leader of North Korea. Who's to say that the NSA isn't controlled by the mega corps and blackmailing Senators and Representatives based upon hacked intel on them to do certain actions in Congress?? That's what bothers me. There is no oversite, no control, nothing.

My suncatchers - Kos Katalog

by nchristine on Tue Feb 17, 2015 at 09:38:43 AM PST

[ Parent ]
Perhaps because the history of our (9+ / 0-)

Recommended by:
kharma, corvo, stevemb, blueoasis, cybrestrike, Choco8, Little, happymisanthropy, Situational Lefty

spy agencies has not been as honorable as it might have been? Among other reasons.

by native on Tue Feb 17, 2015 at 09:41:40 AM PST

[ Parent ]
Well, here's one reason (11+ / 0-)

Recommended by:
nchristine, PJEvans, wayoutinthestix, stevemb, Johnny Q, happymisanthropy, bobswern, Situational Lefty, Teiresias70, kharma, cybrestrike

or maybe two.
1. My father lost his academic job in the 1950s because of his political activities, most of which took place 20 years earlier. If someone like Scott Walker became President, the NSA data could easily be used to destroy the careers and even lives of anyone who had ever posted a comment on dKos, just for example.

2. The FBI had a vendetta against Martin Luther King Jr. and spied on him, with the intent of finding "compromising" information such as affairs that could be used to destroy him and his effectiveness. They've done it to others as well.

3. As a matter of principle, either the 4th Amendment means something or it doesn't. Right now, the evidence is that it may as well just be erased off the books.

by rugbymom on Tue Feb 17, 2015 at 11:53:25 AM PST

[ Parent ]
Why do we have spy agencies that (4+ / 0-)

Recommended by:
bobswern, DeadHead, kharma, cybrestrike

spy on the American People?

It's a question that should go without saying, but some authoritarians seem to get ahead of themselves.

-9.50/-7.59 - "Why are the missiles called peace-keepers when they're aimed to kill?" -Tracy Chapman

by Situational Lefty on Tue Feb 17, 2015 at 09:52:57 PM PST

[ Parent ]

Dear Government: Please Stop Breaking the Law (2+ / 0-)

Recommended by:
dconrad, Don midwest

I have to be honest, this is the most amazing text to me of all the linked articles:

Taken together, the accomplishments led Kaspersky researchers to conclude that Equation Group is probably the most sophisticated computer attack group in the world, with technical skill and resources that rival the groups that developed Stuxnet and the Flame espionage malware.
I'm actually pretty surprised (impressed frankly) that the NSA (or anyone affiliated with an actual government) was able to attract this level of talent and simultaenously keep them quiet for so long.
Great summary diary; this is a story that obviously still has a lot of developing to do.

Governing lies at the intersection of ideology and reality... if you're unwilling to touch one of those two roads, good luck doing it.

by TooFolkGR on Tue Feb 17, 2015 at 09:01:12 AM PST

What law? (4+ / 0-)

Recommended by:
TooFolkGR, phenry, Glen The Plumber, sunbro

Are we not allowed to spy now?

by chrswlf on Tue Feb 17, 2015 at 09:03:58 AM PST

[ Parent ]

At 4:00 today, Steve Gibson, security guru, (8+ / 0-)

Recommended by:
native, kharma, Occulus, corvo, stevemb, blueoasis, dconrad, cybrestrike

from Gibson Research will be doing his live weekly podcast at twit.tv

I'm sure he'll be discussing this issue.

Steve's site:

https://www.grc.com/...

(Sometimes the podcast starts a little late. It follows MacBreak Weekly)

Dallasdoc: "Snowden is the natural successor to Osama bin Laden as the most consequential person in the world, as his actions have the potential to undo those taken in response to Osama."

by gooderservice on Tue Feb 17, 2015 at 09:14:59 AM PST

I'm sorry. Steve did talk about this issue but (3+ / 0-)

Recommended by:
stevemb, kharma, cybrestrike

it wasn't until about an hour into his podcast.

But video, audio, and a transcript will be available at his website in a day or two.

Last info is from Feb. 10. Today's transcript will be available here shortly.

https://www.grc.com/...

Dallasdoc: "Snowden is the natural successor to Osama bin Laden as the most consequential person in the world, as his actions have the potential to undo those taken in response to Osama."

by gooderservice on Tue Feb 17, 2015 at 03:32:50 PM PST

[ Parent ]

Russian Lab? (1+ / 0-)

Recommended by:
sunbro

"The poor can never be made to suffer enough." Jimmy Breslin

by merrywidow on Tue Feb 17, 2015 at 09:21:55 AM PST

Kapersky. Very trusted, very well known, been a... (9+ / 0-)

Recommended by:
Johnny Q, El Zmuenga, PJEvans, Pablo Bocanegra, protectspice, Clive all hat no horse Rodeo, happymisanthropy, kharma, cybrestrike

Kapersky.
Very trusted, very well known, been around for years.
Don't fall for the twice-baked cold-war-redux shit being shoveled at you from this diary's trolls. They're here to DEFEND this shit. They want you to remain complacent. Fat and happy. Vulnerable.
Don't believe them.

by Occulus on Tue Feb 17, 2015 at 10:55:32 AM PST

[ Parent ]

Kaspersky (2+ / 0-)

Recommended by:
stevemb, kharma

some of the best security software available to the general public.

(Is it time for the pitchforks and torches yet?)

by PJEvans on Tue Feb 17, 2015 at 12:48:13 PM PST

[ Parent ]

Perhaps the worst part about this (7+ / 0-)

Recommended by:
Glen The Plumber, nchristine, native, stevemb, kharma, blueoasis, happymisanthropy

is that now the existence of this has been verified, other hackers worldwide, including Russian, Chinese, mafia, whomever - can search for copies of this code and reverse engineer it for their own use.

It will take years to reengineer hardware and operating systems to block this type of software, and many more years until the vulnerable current systems are swapped out, during which time bad actors who figure it out can use it on whomever they want.

Finally, it's entirely likely if this group is that incredibly sophisticated and willing to illegally hack pretty much anywhere - they will probably create something similar that works on the new hardware. The difference is that now people know to look for it, and we'll continue to go through multiple rounds of this crap where no one's data is safe anywhere for decades.

Republican threats amount to destroying the present if we don't allow them to destroy the future too. -MinistryOfTruth, 1/1/2013

by sleipner on Tue Feb 17, 2015 at 09:22:07 AM PST
why the need for hyperbole? Why? (11+ / 0-)

Recommended by:
phenry, Glen The Plumber, Rejoinder, GoGoGoEverton, Fogiv, middleagedhousewife, Susan G in MN, owlbear1, NE2, NYFM, Unduna

it just diminishes the credibility of this story that so many (not you, bobswern) have worked so hard on.

Daily Kos has put this up on Facebook now, and despite the diarists' sophistic claim in this thread that by "Hacking of virtually all hard drive firmware" in the title, he really means "virtually all types of hard drive firmware have been hacked" Facebook readers are interpreting the misleading headline as meaning their own personal computers have all been hacked, like this comment below:

This does not involve you communicating with others online. They are able to read the contents of your hard drive, even if your operating system is password protected.
Yes, I mean the computer you and your family uses daily. The one in your bedroom. The one you use to prepare your taxes. Your saved photos and videos you intentionally did not upload.

This is much, much worse than intercepting an email or a Facebook chat. This is access to everything on the computer in your house. Think of it as the NSA having a master key to almost every lock in almost every front door of almost every house almost everywhere.

It's the biggest hack operation in computing history.

For the record, here's what the Ars Technica story actually has to say:

Kaspersky researchers have documented 500 infections by Equation Group in at least 42 countries, with Iran, Russia, Pakistan, Afghanistan, India, Syria, and Mali topping the list. Because of a self-destruct mechanism built into the malware, the researchers suspect that this is just a tiny percentage of the total; the actual number of victims likely reaches into the tens of thousands.
and here's what Kaspersky's lead researcher Costin Raiu told Reuters:

Though the leaders of the still-active espionage campaign could have taken control of thousands of PCs, giving them the ability to steal files or eavesdrop on anything they wanted, the spies were selective and only established full remote control over machines belonging to the most desirable foreign targets, according to Raiu. He said Kaspersky found only a few especially high-value computers with the hard-drive infections.
Am I defending the NSA? No, of course not, this is an important story and Reuters has it confirmed by former NSA employees who (we hope) would not have a pro-Russia, anti-U.S. agenda, but c'mon people, isn't it obvious that if people read this (as the headline prompts them to do) to think "virtually all" hard drives in the billions of computers in the world, including their own, have been hacked, and then they learn the real story, their outrage will deflate, the story loses significance in their eyes - "oh well, I guess that's not so bad after all." Honestly, I don't think the NSA could ask for anything better, now that the story has broken.

by jennifer poole on Tue Feb 17, 2015 at 09:25:24 AM PST

Agreed & Rec'd (3+ / 0-)

Recommended by:
Glen The Plumber, stevemb, jennifer poole

Let's not lose sight of what the experts in this area - namely Kaspersky are saying. This stuff is highly sophisticated and highly targeted and controlled. It may have the capability to infiltrate every machine given enough exposure, but that exposure was controlled tightly and directed seemingly at terrorism-related actors.

by Rejoinder on Tue Feb 17, 2015 at 10:33:36 AM PST

[ Parent ]

exactly. and there's no doubt discovering the (1+ / 0-)

Recommended by:
Rejoinder

capability to do this is a very important story: I applaud those who did the reporting on it: certainly, we've learned from history over and over that once it's discovered that something CAN be done, it often is done, no matter the risks or ethics. that's human nature.

It's an important discussion to have: Look, this has happened: yes, it's pretty clear NSA has done it (as I did note in my comment, yes, the story has been confirmed by two former NSA employees), and why would any thoughtful person assume - unless otherwise informed about technical difficulties or expense or whatever limitations - that NSA wouldn't use this capacity domestically, too? Or maybe has used it? What can we do (is there anything?) to prevent this from happening, or to discover if it has happened domestically or to our allies?

That's why the hyperbole is so irritating: because when readers read a misleading headline and get instantly outraged because they think "the computer they and their family use daily" (to paraphrase the FB commenter, and many other commenters, too) has been hacked by their own government's security agency, but then they find out that, really, it's just those crazy Iranians or Algerian terrorists who've been hacked, and really maybe 500 or even a thousand or "a few" computers have been hacked - it's really easy - just human nature - to basically tune out any further discussion because they already feel like they've been misled quite enough, thank you very much, and it's probably a good thing that the gov't is spying on those crazy Iranians, etc.

by jennifer poole on Tue Feb 17, 2015 at 08:31:30 PM PST

[ Parent ]

Now, you're "officially" trolling... (4+ / 0-)

Recommended by:
eyo, Don midwest, kharma, cybrestrike

...and, based upon your record on this topic, I find the entirety of your comments in the threads in this diary to be comprehensively disingenuous. So, cut the crap!

1.) The headline does NOT state: "Virtually All Hard Drives." It states: "Virtually All Hard Drive Firmware."

2.) The first graphic at the top of this post CLEARLY notes that the NSA was implementing this software IN THE U.S.

3.) Your record of behaving in a trollish manner in other posts on this subject is HIGHLY MEMORIALIZED in this community.

You're really not fooling anyone reading your comments here, no matter how hard you try.

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 10:28:55 PM PST

[ Parent ]

"All hard-drive firmware" is NOT "All hard-drives" (13+ / 0-)

Recommended by:
corvo, dconrad, cybrestrike, Johnny Q, Pablo Bocanegra, Little, NE2, stevemb, Clive all hat no horse Rodeo, happymisanthropy, eyo, Don midwest, kharma

...but, don't let that undermine your false claims/feigned outrage about this post, and the Reuters story, which includes confirmation from two, inside intelligence sources.

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 10:38:30 AM PST

[ Parent ]
Have been and can be are two different things. ... (7+ / 0-)

Recommended by:
dconrad, Little, bobswern, stevemb, happymisanthropy, kharma, cybrestrike

Have been and can be are two different things.
Stop claiming that people saying your hard drive is vulnerable are saying you've already been hacked.
Yes, you're doing just that, and have been throughout.

by Occulus on Tue Feb 17, 2015 at 11:02:26 AM PST

[ Parent ]

yes indeed, and that's why the headline (0+ / 0-)

is misleading, because most readers are not going to read the headline:

"Breaking: Kaspersky Exposes NSA’s Worldwide, Backdoor Hacking of Virtually All Hard-Drive Firmware"

as

"Breaking: Kaspersky report shows almost every kind of hard drive around the world is vulnerable to NSA hacking"

"NSA's hacking of" does not equal "NSA's capability to hack."

by jennifer poole on Tue Feb 17, 2015 at 08:52:08 PM PST

[ Parent ]

"Am I defending the NSA? No..." There's a reason (7+ / 0-)

Recommended by:
bobswern, stevemb, Clive all hat no horse Rodeo, happymisanthropy, eyo, kharma, cybrestrike

people like Bob Cesca and Charles Johnson have to say that constantly. That reason: because they actually defend the NSA constantly.

P.S. You have read Bob's words wrong. He did not say ""virtually all" hard drives in the billions of computers in the world, including their own, have been hacked". Which at the end of the day makes this you defending NSA.

Here, have some pandas.

by Little on Tue Feb 17, 2015 at 01:46:55 PM PST

[ Parent ]
The fact that you've been making comments like (6+ / 0-)

Recommended by:
bobswern, stevemb, Clive all hat no horse Rodeo, eyo, kharma, cybrestrike

this - while saying "I'm not dedefending NSA!!!!" - since at least last September - well, it says something. You seem to be on some mission to get Bobswern to - I don't know what, really. I get the impression "Shut up!" would suit you.

http://www.dailykos.com/...

Bob has some quite thoughtful replies there.

I have a few myself, including this one:

http://www.dailykos.com/...

Here, have some pandas.

by Little on Tue Feb 17, 2015 at 02:03:44 PM PST

[ Parent ]

Thanks for pointing this out, Little! n/t (5+ / 0-)

Recommended by:
Little, stevemb, eyo, kharma, cybrestrike

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 02:27:24 PM PST

[ Parent ]
a mission to write better headlines? (1+ / 0-)

Recommended by:
Little

that's my mission at least in this particular case: I've been writing headlines for decades now, and well remember my training that if a headline is misinterpreted by many readers - as it is clear that this headline has been - it's not the fault of the readers, but of the headline writer.

It doesn't seem to do much good, no: but seeing the reaction on Facebook spurred me on once again....

by jennifer poole on Tue Feb 17, 2015 at 08:42:59 PM PST

[ Parent ]

But when one finds oneself in a mission so (0+ / 0-)

silly it's worth the time to step back and find what's underlying the zeal.

Here, have some pandas.

by Little on Wed Feb 18, 2015 at 12:40:43 PM PST

[ Parent ]

"Facebook readers are interpreting" LOL! x 10,000 (1+ / 0-)

Recommended by:
kharma

Facebook users need to get out more and actually discover the Internets. Something beyond commercial advertising.

Click-bait gets page views and a nice bump in the stats, it's not all bad.

Peace

by eyo on Wed Feb 18, 2015 at 03:02:28 AM PST

[ Parent ]

To a certain extent (8+ / 0-)

Recommended by:
Rich in PA, phenry, Unduna, sunbro, JasonPol, middleagedhousewife, Catskill Julie, NYFM

You have to assume other nations are also bringing the full weight of their hacking abilities to bear. You don't think China isn't trying to do the exact same thing?

So in some ways it would disappoint me if our top people WEREN'T able to pull off crazy hacks like this to some degree.

Look, we put an amazing amount of trust into our government. We let them have tanks and planes and bombs galore. We give them all of this weaponry and then we say that we trust them to not do evil with it. They don't always live up to our expectations, but that is the way our system works.

The same is kind of true with cyberwarfare. Our guys have to be trying this stuff, because you know the other side is, and if we aren't doing it too, then we have no idea how to protect our country and our systems from them. I'm not saying it is moral or ethical, but at some level we need the guys in our government/military to be the best hackers on the planet.

Now, are they going to use that hacking for evil purposes? I can't tell you that. That goes back to the same thing I said about giving them all the planes and tanks and bombs. We give them the weaponry to do all kinds of evil stuff. At some point we have to put the people in charge that we trust to not be evil.

by JamieH on Tue Feb 17, 2015 at 09:49:33 AM PST
i think the ability to sell american technology (6+ / 0-)

Recommended by:
Wolf10, bobswern, Mr Robert, stevemb, Don midwest, cybrestrike

in europe and asia just took a really big hit.

Now it's going to be "Open-Source" and open-boards
and open hardware.....

the really interesting thing is once you dig in,
I suspect you will find others doing this.

by patbahn on Tue Feb 17, 2015 at 10:10:53 AM PST

Your point is a critical reality concerning... (4+ / 0-)

Recommended by:
happymisanthropy, Don midwest, kharma, cybrestrike

...the heart of the matter here.

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 10:39:23 AM PST

[ Parent ]
there are no American hard drive companies (0+ / 0-)

they are all asian

We want to build cyber magicians!

by VelvetElvis on Tue Feb 17, 2015 at 12:54:39 PM PST

[ Parent ]

sort of (1+ / 0-)

Recommended by:
NYFM

connor, western digital...

IBM...

by patbahn on Tue Feb 17, 2015 at 02:12:05 PM PST

[ Parent ]

So we all live in the old East Germany now, as was (7+ / 0-)

Recommended by:
corvo, bobswern, Mr Robert, Johnny Q, stevemb, happymisanthropy, Don midwest

depicted, with unintended irony in retrospect, by the film The Lives of Others, except now made much worse by more advanced technical capabilities.

The frog jumped/ into the old pond/ plop! (Basho)

by Wolf10 on Tue Feb 17, 2015 at 10:13:24 AM PST
Who says government can't do anything well? (5+ / 0-)

Recommended by:
nchristine, Mr Robert, Simplify, bobswern, NYFM

If this is true--and right now I'm 70% inclined to believe it and 30% inclined to question the source and timing--it's a pretty huge boost to my confidence in big-government liberalism. We just need a way to get those skilled, mission-driven people away from the Constant War and Surveillance part of our government into the more benign parts. I don't think healthcare.gov would have have problems if these people had designed it...and users wouldn't have had to input any data! You'd just smile at the screen and it would pull all of the necessary data.

I'm just here so I don't get fined.

by Rich in PA on Tue Feb 17, 2015 at 10:21:05 AM PST

Just love your last sentence!!! (2+ / 0-)

Recommended by:
bobswern, NYFM

My suncatchers - Kos Katalog

by nchristine on Tue Feb 17, 2015 at 10:27:30 AM PST

[ Parent ]

Team America! (6+ / 0-)

Recommended by:
corvo, bobswern, dconrad, happymisanthropy, NYFM, kharma

F**k Yeah!

by Balph Eubank on Tue Feb 17, 2015 at 10:25:40 AM PST
Kaspersky's own documentation.. (1+ / 0-)

Recommended by:
sunbro

..doesn't name the NSA or any other agency specifically, but to be this sophisticated I think we can safely assume it's the NSA.

That said, I find it disturbing that all these news outlets are taking it for granted to report that it most definitely IS the NSA without providing journalistic due diligence to back up the claim.

by Rejoinder on Tue Feb 17, 2015 at 10:27:37 AM PST

Did you bother reading the Reuters article here... (6+ / 0-)

Recommended by:
Pablo Bocanegra, stevemb, Johnny Q, Don midwest, cybrestrike, kharma

...towards the bottom of this post? (Two confirmations from within the intelligence community.)

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 12:30:13 PM PST

[ Parent ]

That's Reuters. (1+ / 0-)

Recommended by:
sunbro

What about the NYT and ArsTechnica? They both reported the story at first without sourcing for that item. AT has since simply quoted Reuters in an update while NYT still hasn't presented anything to back up the claim.

And yes, I did.

by Rejoinder on Tue Feb 17, 2015 at 12:55:00 PM PST

[ Parent ]

Actually, if it wasn't for the Reuters' piece... (5+ / 0-)

Recommended by:
stevemb, Johnny Q, Don midwest, cybrestrike, kharma

...there's a pretty good chance I wouldn't have posted this diary (or, I would've thought about sitting on it for a bit, at the very least).

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 02:41:48 PM PST

[ Parent ]

Governments spy, and it's always a race to stay (2+ / 0-)

Recommended by:
sunbro, NYFM

ahead of the enemy's technology. So, um, yeah. We aren't total dumbasses who fall out of the game completely by failing to stay abreast. Wow. What a shocker.

"In all chaos there is a cosmos, in all disorder, a secret order." Carl Jung

by Unduna on Tue Feb 17, 2015 at 10:36:01 AM PST

"Police shoot criminals! That's what they do! (6+ / 0-)

Recommended by:
stevemb, Johnny Q, happymisanthropy, Situational Lefty, cybrestrike, kharma

What a shocker that they shot some black dudes!"

Was the Republican Party full? Mayeb they have an SRO section for people like you?

Here, have some pandas.

by Little on Tue Feb 17, 2015 at 01:40:51 PM PST

[ Parent ]

You don't have the sense god gave a chicken. (0+ / 0-)

Never have had. Not once in all the years you've been here have you been anything other than senseless, histrionic and naive.

"In all chaos there is a cosmos, in all disorder, a secret order." Carl Jung

by Unduna on Wed Feb 18, 2015 at 06:07:49 AM PST

[ Parent ]

Undana has spoken. (0+ / 0-)

I shall cast myself from the tower now.

Here, have some pandas.

by Little on Wed Feb 18, 2015 at 12:47:18 PM PST

[ Parent ]

Senseless, histrionic and childish. Perfect! (0+ / 0-)

Thank you!

"In all chaos there is a cosmos, in all disorder, a secret order." Carl Jung

by Unduna on Thu Feb 19, 2015 at 05:50:33 AM PST

[ Parent ]

I don't pretend to understand all this report (4+ / 0-)

Recommended by:
corvo, annominous, bobswern, kharma

but I know creepy when I see it. I glad you posted it.

The trouble ain't that there is too many fools, but that the lightning ain't distributed right. Mark Twain

by BlueMississippi on Tue Feb 17, 2015 at 10:38:07 AM PST
English translation: report confirmed. (3+ / 0-)

Recommended by:
corvo, bobswern, kharma

We are aware of the recently released report. We are not going to comment publicly on any allegations that the report raises, or discuss any details.

"The greed, recklessness and illegal behavior of major Wall Street firms plunged this country into the worst financial crisis since the 1930s. They are too powerful to be reformed. They must be broken up." -- Senator Bernie Sanders (I-Vermont)

by thanatokephaloides on Tue Feb 17, 2015 at 10:40:20 AM PST
So now if you're a foreign nation (2+ / 0-)

Recommended by:
bobswern, Dumbo

Why would you trust any American software or hardware? Or anything made in South Korea or Japan or Taiwan?

Seems like a good way to kill the tech sector.

Proverbs 29:7 “The righteous care about justice for the poor, but the wicked have no such concern.”

by nightsweat on Tue Feb 17, 2015 at 10:52:36 AM PST

even if you are an american, (2+ / 0-)

Recommended by:
happymisanthropy, kharma

why would you trust it?

The good news, sort of, is that it is foreign tech companies (albeit with large US shareholders) that have to do some splainin' about how their products were contaminated. Because if it turns out they did it for the US NSA just as a favor, they have violated their customers' trust and privacy in a way that would be criminal.

by Dumbo on Tue Feb 17, 2015 at 02:50:53 PM PST

[ Parent ]

I'm so conflicted. (0+ / 0-)

I have been suffering severe e-peen envy at the Chinese/DPRK/Russian groups for a few years. I'm proud and ashamed I'm proud because these guys are evil.

Though I do wonder if this is something like Mossad who is happy to pin the blame on the Americans. You'll note Israel also had minimal to no attacks.

by MNPundit on Tue Feb 17, 2015 at 10:55:14 AM PST
How much you wanna bet that some in the MSM (3+ / 0-)

Recommended by:
nchristine, bobswern, OLinda

knew about this program and were asked not to publish about it in the name of national security?

Anyone, whatever their political beliefs, needs to realize how effective even relatively large groups of people can be at keeping secrets, even in an "open" society. Approximately 1 million people had the same level of security clearance that Snowden had, so even if only one percent had the kind of direct knowledge he had, that makes 10,000 people. The Manhattan Project had thousands of employees that kept it so secret that Truman only found out about it after being sworn in. This project has apparently been secret for about 15 years, with how many people knowing about it?

by Gunnar Thomas on Tue Feb 17, 2015 at 11:33:07 AM PST

how many drive manufacturers knew about it? (2+ / 0-)

Recommended by:
happymisanthropy, kharma

by Dumbo on Tue Feb 17, 2015 at 02:46:07 PM PST

[ Parent ]

So just to be clear, the NSA has all of this cyber (4+ / 0-)

Recommended by:
bobswern, Little, stevemb, kharma

hacking software out there embedded in millions of computers with the supposed objective of keeping Americans safe but the US intelligence agencies were some how surprised at how quickly ISIL (or ISIS) became a major threat to their Middle East interests. Talk about your epic fail!

by BBoy705 on Tue Feb 17, 2015 at 11:57:19 AM PST

They also didn't spot (3+ / 0-)

Recommended by:
bobswern, stevemb, kharma

that banks were being hacked for $1 billion, either. Were they too busy watching us?

by Sprinkles on Tue Feb 17, 2015 at 12:27:25 PM PST

[ Parent ]

It's only a problem if you run Windows (0+ / 0-)

so don't run windows.

We want to build cyber magicians!

by VelvetElvis on Tue Feb 17, 2015 at 12:52:27 PM PST

NOPE...Mac, too (read the Ars Technica pc.) n/t (4+ / 0-)

Recommended by:
stevemb, Clive all hat no horse Rodeo, cybrestrike, kharma

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 04:28:41 PM PST

[ Parent ]

I run linux (0+ / 0-)

I don 't even need a virus scanner.

We want to build cyber magicians!

by VelvetElvis on Wed Feb 18, 2015 at 09:49:02 AM PST

[ Parent ]

I wonder if gogogo has comments in this post. (8+ / 0-)

Recommended by:
bobswern, Dumbo, wayoutinthestix, DeadHead, happymisanthropy, Situational Lefty, cybrestrike, kharma

I'll go look...

Here, have some pandas.

by Little on Tue Feb 17, 2015 at 01:38:43 PM PST

Yes, they do! n/t (5+ / 0-)

Recommended by:
Little, DeadHead, Clive all hat no horse Rodeo, cybrestrike, kharma

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 02:27:55 PM PST

[ Parent ]
masochist. (7+ / 0-)

Recommended by:
Little, bobswern, DeadHead, Clive all hat no horse Rodeo, happymisanthropy, cybrestrike, kharma

by Dumbo on Tue Feb 17, 2015 at 02:44:34 PM PST

[ Parent ]

I believe this story DID originate with Snowden (3+ / 0-)

Recommended by:
sunbro, Catskill Julie, palantir

Buried in the NY Times piece is the information that documents obtained from Snowden did reveal the "Equation Group's" efforts to intercept shipments and plant bugs in the firmware.

I know Snowden has his fans, but I'd guess this disclosure has done more damage to US intelligence than anything since the Cold War.

Coming Soon -- to an Internet connection near you: Armisticeproject.org

by FischFry on Tue Feb 17, 2015 at 02:28:46 PM PST

Oxymoron sighted: "US Intelligence" (4+ / 0-)

Recommended by:
Don midwest, cybrestrike, kharma, bobswern

Yeah they are so smart to infect the world with surveillance technology and murder by remote. Bogey-boogey man must keep the arms and cash flowing toward eternal warfare. No thanks.

Whew I forgot for a while what a bobswern diary attracts. Many eyes indeed. :)

by eyo on Wed Feb 18, 2015 at 02:48:22 AM PST

[ Parent ]

You think you're being clever. (1+ / 0-)

Recommended by:
Glen The Plumber

Between your cleverness and the smart actions of US intelligence agencies, ll take the US spy agencies' actions to surveil and derail Iranian nuclear weapons development, to track what Pakistanis are doing to support enemy combatants in Afghanistan. to ferret out and maybe stop Chinese efforts at industrial espionage, and to discover and defeat Russian criminal online activities.

Your cleverness scores meaningless Internet troll points. They're trying to protect Americans' -- lives and property, to advance US policy aims, and maybe also to protect our friends.. You may think US intelligence are 'bad guys,' but there are much scarier bad guys out there, taking aim at you in one way or another.

Coming Soon -- to an Internet connection near you: Armisticeproject.org

by FischFry on Wed Feb 18, 2015 at 11:05:11 AM PST

[ Parent ]
As for attracting "many eyes"... (1+ / 0-)

Recommended by:
Glen The Plumber

G-d forbid you should encounter a viewpoint that differs from your own.

Coming Soon -- to an Internet connection near you: Armisticeproject.org

by FischFry on Wed Feb 18, 2015 at 11:06:25 AM PST

[ Parent ]

as the article clearly states, we have needed (4+ / 0-)

Recommended by:
bobswern, eyo, Don midwest, kharma

this fourteen year old program of invading the privacy of everybody in the world with a hard drive because of the dangers created by Al Qaeda and ISIS. Goodness, gracious, we can't afford another Youtube beheading! What will become of our kittens on roomba video! So let's spy on everybody for decades just to be on the safe side.

by Dumbo on Tue Feb 17, 2015 at 02:44:02 PM PST

All your pootie videos are belong to NSA! (4+ / 0-)

Recommended by:
Dumbo, bobswern, eyo, kharma

Follow @rogneidheath “Judge: Are you trying to show contempt for this court? Mae West: I was doin' my best to hide it.” ― Mae West

by Rogneid on Tue Feb 17, 2015 at 03:51:25 PM PST

[ Parent ]

I'm confused... (0+ / 0-)

Bad Russia... unless bad former KGB, intertwined FSB Putin cronies say bad things about the NSA, then its good Russia? All Hail Comrade Snowden! And the unsubstantiated 'report' clearly states 'thousands' of computers, not billions, millions or even tens of thousands. Anyone want to guesstimate how many computers there are on this planet? Well, based on all your illogic, there's only thousands since the NSA is SPYING ON EVERYONE!!!!! It's like trying to prove the Bible is factual: You just have to make up your own 'facts' and call everyone else 'stoopid'. Classic. Megyn Kelly is oh so proud of you all.

'Slower Traffic - Keep Right!'

by luvbrothel on Tue Feb 17, 2015 at 04:41:23 PM PST

Thank God. (4+ / 0-)

Recommended by:
bobswern, Don midwest, cybrestrike, kharma

I was starting to worry about you.

If there's a surveillance-related story that needs pooh-poohing, we can count on you to do it.

Somebody has to do something, and it's just incredibly pathetic that it has to be us. ~ Garcia

by DeadHead on Tue Feb 17, 2015 at 06:00:35 PM PST

[ Parent ]

I figured NONE of you would get the contradiction, (0+ / 0-)

having committed so much of your pride into FOX-styled propaganda.

'Slower Traffic - Keep Right!'

by luvbrothel on Tue Feb 17, 2015 at 09:04:06 PM PST

[ Parent ]

"Propaganda" for which you fail to offer… (3+ / 0-)

Recommended by:
Don midwest, cybrestrike, kharma

…a compelling counter-argument.

It's all just personal attacks on Snowden or Greenwald, or dismissing these stories as "Fox-styled" conspiracy theory.

You're kind of obvious, and have been for awhile now.

Somebody has to do something, and it's just incredibly pathetic that it has to be us. ~ Garcia

by DeadHead on Wed Feb 18, 2015 at 01:09:24 AM PST

[ Parent ]

Like I said... (0+ / 0-)

Now its back to the 'leave poor Ed/Glen alone' excuse. It burns....

I'm not the one who made Kaspersky a former KGB official, nor am I the one making Kaspersky an 'unofficial' FSB official, and certainly didn't have a hand in developing a really long, close relationship with Putin, who just carved up the Ukraine to his liking. But somehow, now that Kaspersky called you the most beautiful person in the world, that resume matters not because he's telling you what you want to hear.

The funniest thing about this all is watching those still clinging to Snowden being perplexed as to why no one is giving a shit, while frantically typing their dismay on their malware/NSA infested pc's.

O. M. G.

Please proceed.

'Slower Traffic - Keep Right!'

by luvbrothel on Wed Feb 18, 2015 at 10:52:35 AM PST

[ Parent ]

So, how do you detect if it is on your computer? (0+ / 0-)

I've seen things you people wouldn't believe. Attack ships on fire off the shoulder of Orion. I watched c-beams glitter in the dark near the Tannhäuser Gate.

by Ender on Tue Feb 17, 2015 at 05:03:33 PM PST

You can't. It's in the bootloader. Aka GRUB. Nt (2+ / 0-)

Recommended by:
Ender, kharma

Drink, drink. Fan, fan. Rub, rub. - Horatio Nelson... My sentiments, exactly. - Clive Rodeo

by Clive all hat no horse Rodeo on Tue Feb 17, 2015 at 06:24:46 PM PST

[ Parent ]

Senator Frank Church (D-ID) in 1975 (7+ / 0-)

Recommended by:
DeadHead, Johnny Q, bobswern, happymisanthropy, eyo, The Wizard, kharma

"That capability at any time could be turned around on the American people, and no American would have any privacy left, such is the capability to monitor everything: telephone conversations, telegrams, it doesn't matter. There would be no place to hide."[38] He is widely quoted as also stating regarding the NSA: "I don't want to see this country ever go across the bridge... I know the capacity that is there to make tyranny total in America, and we must see to it that this agency and all agencies that possess this technology operate within the law and under proper supervision, so that we never cross over that abyss. That is the abyss from which there is no return."[38]

"Victory means exit strategy, and it's important for the president to explain to us what the exit strategy is." - George W Bush

by jfern on Tue Feb 17, 2015 at 05:13:03 PM PST
Not a surprise. (4+ / 0-)

Recommended by:
bobswern, NYFM, eyo, kharma

Anybody familiar with Stuxnet infecting Siemens, Simatic PLCs, could recognize that firmware is hackable and subject to peer-to-peer infection.

And, it is a poorly disguised secret that Alcatel-Lucent added backdoors to GSM programming to facilitate spying.

by P E Outlier on Tue Feb 17, 2015 at 05:48:35 PM PST
And so why are Snowden & Assange (7+ / 0-)

Recommended by:
bobswern, Situational Lefty, eyo, The Wizard, Don midwest, cybrestrike, kharma

and Manning still suffering immeasurably when they were obviously the heroes of brining this shit to light--leading the way for this important revelation?

Separation of Church and State AND Corporation

by Einsteinia on Tue Feb 17, 2015 at 05:52:11 PM PST
Russian Kaspersky (2+ / 0-)

Recommended by:
bobswern, Don midwest

I'm surprised Kaspersky continues to operate out of Moscow, considering what a risk it is to KGB czar Putin's methods. Kaspersky has a well earned reputation for insight and integrity.

"When the going gets weird, the weird turn pro." - HST

by DocGonzo on Tue Feb 17, 2015 at 07:29:52 PM PST
This is in line with their mission (1+ / 0-)

Recommended by:
Glen The Plumber

Gathering foreign intelligence -- diplomatic, defense, economic -- is in line with their mission. This is spycraft stuff that we knew about in principle from the ANT revelations (sans full technical analysis). Every government worth its salt would have similar tools, including the Chinese and Russians.

by Sucker Politics on Tue Feb 17, 2015 at 09:08:32 PM PST

As long as you ignore domestic implementation... (4+ / 0-)

Recommended by:
eyo, Don midwest, cybrestrike, kharma

...of this malware, which IS what you're doing since it's documented in the first graphic in this diary (and in the Kaspersky Report, itself, available at the bottom of this post) that these hacks and related surveillance DO OCCUR in the the U.S., then your position makes perfect sense.

Add-in the day-to-day work and information-sharing that occurs between the NSA and the FBI, and the existence of the super-top-secret AT&T Hemisphere Project, and the entire basis for your sentiments is...comprehensively baseless! But, don't let that dissuade you, right?

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Tue Feb 17, 2015 at 10:32:45 PM PST

[ Parent ]

I read the report (1+ / 0-)

Recommended by:
Glen The Plumber

It says that malware was discovered on computers in the United States. It doesn't say whether those computers belonged to United States citizens vs. foreigners visiting for a conference (it even mentions a scientific conference in Houston). Even if it is US citizens, it doesn't say whether those citizens are extremists of the sort that most people in this community would concede need to be monitored.

by Sucker Politics on Tue Feb 17, 2015 at 11:23:46 PM PST

[ Parent ]

Also... (2+ / 0-)

Recommended by:
jan4insight, Glen The Plumber

... even though the report ought to stand or fall on its technical merits (and admittedly it does seem to be a thorough, well-conducted analysis, minus the occasional gratuitous assumption, as with how they "deduce" 2,000 infections a month), we do have to bear in mind that Kaspersky has products to sell -- and indeed is plugging its products in the report.

by Sucker Politics on Tue Feb 17, 2015 at 11:30:13 PM PST

[ Parent ]

What if... (2+ / 0-)

Recommended by:
bobswern, stevemb

hackers got hold of this technique, and they WILL, the devastation they could cause is literally immeasurable.

If even one NSA employee wanted to use this technology to say, "steal" bank account #'s, passwords, etc, again, the damage they could do would be unbelievable.

I'm a principal software engineers, and I do find it hard to believe that malware could reflash a hard drive's firmware without the knowledge of the user.

Normally, to flash firmware for a hard drive, usb stick, bios, and other hardware, the computer has to be in a specific mode of operation, usually cannot have the OS running, etc. The hardware has to be in a specific mode in order for this to be done. How they managed to get past this limitation astounds me, as does the idea that other hackers will figure out how to do this as well.

I wonder what OS makers are going to do now, as well as hard drive manufacturers... What's their take on this?

by Bedlam on Wed Feb 18, 2015 at 07:44:20 AM PST
Thanks for this article-- (0+ / 0-)

This really doesn't bother me all that much. Hopefully, we are well out in front of the curve on all this and will stay that way.

by belate on Wed Feb 18, 2015 at 12:30:04 PM PST
I can't decide if this is new news or not. (0+ / 0-)

Some of the specifics, sure, but there is also a lot of CT-like logic in the write-up, logic that seems to ignore the way that software people work: We steal from each other. A lot.

Nevertheless, it's always been known that the NSA employs talented hackers and showers them with resources to bypass security and invade privacy at will.

LG: You know what? You got spunk. MR: Well, Yes... LG: I hate spunk!

by dinotrac on Wed Feb 18, 2015 at 01:16:29 PM PST

Not familiar with your commenting.... (2+ / 0-)

Recommended by:
stevemb, dinotrac

...dinotrac...but, apparently, you have no qualms about trivializing this subject.

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Wed Feb 18, 2015 at 02:53:53 PM PST

[ Parent ]

Trivializing what and how? (1+ / 0-)

Recommended by:
bobswern

Don't know how long you've been around, but the NSA has been doing this for years. The hijacking of hard-drive firmware is certainly impressive, but it's a logical continuation, not some new concept.

LG: You know what? You got spunk. MR: Well, Yes... LG: I hate spunk!

by dinotrac on Wed Feb 18, 2015 at 03:18:00 PM PST

[ Parent ]

Is there any proof? How do we know Kaspersky is (0+ / 0-)

telling the truth? All the other accounts got their information from the Kaspersky Lab report. Is there any proof? Is this another attempt by Russia to demonize America?

"Things turn out best for the people who make the best of the way things turn out." ~ John Wooden

by Terry S on Wed Feb 18, 2015 at 06:18:56 PM PST

Obviously, you didn't even read the diary... (1+ / 0-)

Recommended by:
stevemb

...because, if you did, you'd realize the Reuters' story confirms it with two intelligence sources inside the NSA.

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Wed Feb 18, 2015 at 08:42:53 PM PST

[ Parent ]

I also made note of this in the first 3 paragraphs (0+ / 0-)

...of the diary.

I always thought if you worked hard enough and tried hard enough, things would work out. I was wrong. --Katharine Graham

by bobswern on Wed Feb 18, 2015 at 08:45:01 PM PST

[ Parent ]

FASCINATING! THIS IS THE 5TH ATTEMPT TO READ OR... (0+ / 0-)

FASCINATING! THIS IS THE 5TH ATTEMPT TO READ OR COMMENT ON THIS ARTICLE .... MY PHONE CRASHES EVERY TIME!!

by warrenwr on Thu Feb 19, 2015 at 04:35:34 AM PST
(0 / 0)

by you on soon

If this is OK, click Post:

Or you may make changes below and Preview again, or Cancel this comment.

Permalink

Subscribe or Donate to support Daily Kos.

Diary Recommended By

Thumb, JekyllnHyde, Alumbrados, paradox, zzyzx, cslewis, jo fish, northsylvania, raboof, decisivemoment, grollen, deben, roonie, El Zmuenga, AaronInSanDiego, glitterscale, Detlef, native, mimi, PeterHug, DebtorsPrison, greenbird, Shockwave, jazzizbest, Wintermute, Troutfishing, RFK Lives, gjohnsit, Matilda, jancw, davelf2, Theodoric of York Medieval Liberal, Bruce The Moose, geordie, Dumbo, Zinman, Babsnc, 714day, TracieLynn, Einsteinia, ask, boadicea, gayntom, phillies, roses, pedrito, mauricehall, ovals49, ivote2004, sngmama, oceanview, Nate Roberts, ctsteve, k9disc, manneckdesign, kharma, psnyder, emmasnacker, NYC Sophia, Dallasdoc, CitizenOfEarth, brainwave, gerrilea, i dont get it, niteskolar, DSC on the Plateau, Chirons apprentice, defluxion10, hazzcon, Calidrissp, wordwraith, Brian82, dkmich, Diana in NoVa, zerelda, side pocket, Hillbilly Dem, Deward Hastings, Mosquito Pilot, Steven D, poemworld, mosesfreeman, Emmy, xxdr zombiexx, llellet, Sol Fed Joe, sawgrass727, Gowrie Gal, Green Mountain Flatlander, sb, Brecht, Skennet Boch, Bluesee, Simian, marina, radarlady, NoMoreLies, jrooth, tle, LakeSuperior, JanetT in MD, CTPatriot, WildRice, democracy inaction, sc kitty, corvo, run around, truong son traveler, basquebob, dewtx, ChemBob, snacksandpop, fixxit, eru, lennysfo, bleeding blue, Sun Tzu, pasadena beggar, GreyHawk, ladybug53, stevemb, Tool, LieparDestin, brentut5, WisePiper, Shotput8, sodalis, mlleelizabeth, bunsk, peacestpete, Indiana Bob, CJnyc, Jim P, martini, elliott, kovie, Knucklehead, esquimaux, BachFan, tommymet, Medium Head Boy, Kingsmeg, DrSpalding, Mr Bojangles, BlueInARedState, cardboardurinal, Yellow Canary, mooshter, Prognosticator, The Wizard, carolita, slampros, Lefty Coaster, blueoasis, NBBooks, DarkestHour, MJ via Chicago, aloevera, StrayCat, philipmerrill, twigg, gooderservice, PapaChach, JVolvo, joe shikspack, Sagebrush Bob, Preston S, sceptical observer, Turbonerd, onionjim, BlueMississippi, thenekkidtruth, CA Nana, geekydee, Clive all hat no horse Rodeo, Stripe, shaharazade, Tom Anderson, kurious, bstotts, Temmoku, AllanTBG, Little, OHdog, krwheaton, One Pissed Off Liberal, pgm 01, out of left field, Habitat Vic, wa ma, SpecialKinFlag, camlbacker, Debs2, Dartagnan, ColoTim, psychodrew, Stwriley, linkage, yoduuuh do or do not, la urracca, HeartlandLiberal, Ticonderoga, operculum, terabytes, dclawyer06, DWG, Shadowmage36, bnasley, dconrad, artisan, Kentucky Kid, millwood, Moderation, skod, JML9999, Don midwest, kdnla, on the cusp, cville townie, fb, CroneWit, cynndara, Ezekiel in Exile, revm3up, mconvente, misterwade, JaxDem, flowerfarmer, wayoutinthestix, zerone, Johnny Nucleo, Senor Unoball, dadadata, bythesea, jamess, Greyhound, here4tehbeer, Lujane, tofumagoo, CenFlaDem, triplepoint, No Exit, petulans, elpacifico66, 3rdOption, BYw, Keninoakland, HarpboyAK, rodentrancher, palantir, rhutcheson, statsone, CIndyCasella, ZhenRen, LaFeminista, zemongoose, Bule Betawi, Rhysling, cybrestrike, J M F, DontTaseMeBro, clear SKies, lostinamerica, The Dead Man, ewmorr, notrouble, shopkeeper, mkor7, JesseCW, jmknapp53, petral, dskoe, TheOpinionGuy, jomi, Keith Pickering, nancat357, boatwright, jpmassar, Nannyberry, Leftcandid, Words In Action, Just Bob, confitesprit, politik, David Harris Gershon, The Free Agent, mookins, Klaus, MEAT HELMET, gulfgal98, samanthab, Kristina40, DerAmi, Johnny Q, Publius2008, rja, Betty Pinson, orlbucfan, Loose Fur, Oh Mary Oh, nosleep4u, All In, Barbara Marquardt, pajoly, Bluefin, Lost Left Coaster, zooecium, nervousnellie, bootsykronos, Bluerall, Situational Lefty, lexalou, arachne, Nicci August, Teiresias70, marleycat, badscience, Wolf10, muddy boots, smoothnmellow, moldyfolky, sofa turf, enhydra lutris, PhilJD, poliwrangler, doct, randomfacts, waiting for lefty, bakeneko, Hayate Yagami, jadt65, DRo, SouthernLiberalinMD, nyer11Oak, MichaelNY, No one gets out alive, Azazello, Laurel in CA, BocaBlue, quill, Flying Goat, DeadHead, CharlesII, IndieGuy, MsLillian, turn blue, Joieau, a2nite, 420 forever, 2thanks, Trotskyrepublican, Steve Masover, congenitalefty, Mr Robert, Mike RinRI, Th0rn, peachcreek, Johnny the Conqueroo, OllieGarkey, lunachickie, sexgenderbody, FrY10cK, AverageJoe42, George3, Robynhood too, gmadoll789, Raven Song, The Geogre, flevitan, nuclear winter solstice, Chaddiwicker, gem56, jbob, JayRaye, quince, eyo, philS, goodpractice, HedwigKos, unfangus, leeleedee, sfbaytransplant, JerryNA, Demeter Rising, Rachel Colyer, TulsaGal, tampaedski, Fishtroller01, Ironic Chef, River Rover, dreamweaver1, The Marti, RUNDOWN, Ozy, Fish Man, Travelin Man, bygorry, Stars over Volcano, kkkkate, NCTim, thanatokephaloides, ptressel, SirVantes, Richard Villiers, wil rizen, Pablo Bocanegra, GreatLakeSailor, benamery21, Charlie1350, AJayne, Skyprogress, JJ In Illinois, bethann, BMScott, Gunnar Thomas, JayFarquharson, Lsands1950, bobcat41702, senselocke, KDfrAZ, Besame, nicestjerk, coyote66, Blackwolf53, QueenOfTheFaeries, MoreLiberalByTheDay, dollymajig, darleneh, thankyoubutnothankyou, bill dog, Aa Moo, Antitheist, Aurora Oxymora, ghotiphaze, Slamfu, swirly, Brown Mouse, DeliaM, MendJusticeForAll, mixedbag, Mrcynical, Subterra

(Load)

Recommended by bobswern

BNR - 'Los Angeles Still Sizzles After The Bern' & 'Symone Sanders Carries A Fire Of Her Own'
Welcome to the Bernie News Roundup . The BNR is a voluntary, non-campaign associated roundup of news, media, & other information related to Bernie Sanders run for President. Visit the group page ...
by LieparDestin 34 comments 56 Recs
Gallup poll on Democratic Favorability Ratings Among Black Adults
I came across the following table, and thought it might be of interest in the discussions as of late. I offer it as someone who has not decided on whom to support in the Democratic Primary, ...
by BFSkinner 125 comments 35 Recs
SHOCK POLL: Bernie Sanders leads Hillary by 7 in New Hampshire
Democratic presidential hopeful Bernie Sanders has rocketed past longtime front-runner Hillary Clinton in New Hampshire, a stunning turn in a race once considered a lock for the former secretary of ...
by hencexox 398 comments 226 Recs
Hollywood Pay Heed: Netflix's Sense8 is About to Shift TV Paradigms with Race and Gender
In Episode 6 of Sense8 , one of the latest installments in Netflix's arsenal of binge-worthy shows, the sci-fi drama takes its viewers on a sex-driven adrenaline pinching ride, a la Inception . To ...
by kpascual 10 comments 11 Recs
Perhaps this is how it's done: Did Bernie Sanders Lets Black Lives Matter Open LA Event?
Yahoo News reported that Senator Bernie Sanders allowed Black Lives Matter activists to open his LA campaign event. In actuality, it appears that Black Lives Matter DID NOT open the event, his new ...
by Sassine 32 comments 28 Recs
The Evening Blues - 8-11-15
Welcome! " The Evening Blues" is a casual community diary (published Monday - Friday, 8:00 PM Eastern) where we hang out, share and talk about news, music, photography and other things of ...
by joe shikspack 82 comments 22 Recs
BLM Boston initially shut out of Clinton event/ then granted meeting/story evolving
According to CNN, BLM Boston planned to attend Clinton event in NH this afternoon to ask questions; they gave their story to a New Republic reporter, who posted the story at 3pm. Note: This story ...
by smiley7 504 comments 48 Recs
‘Most Trusted’ Professionals’ Union Endorsed Sanders Because Of His Opposition To XL Pipeline
National Nurses United (NNU) has endorsed Bernie Sanders as its chosen candidate for President of US. Other candidates had sought the Unions endorsement and so it is interesting to hear the back ...
by VL Baker 23 comments 42 Recs
The Evening Blues - 8-10-15
Welcome! " The Evening Blues" is a casual community diary (published Monday - Friday, 8:00 PM Eastern) where we hang out, share and talk about news, music, photography and other things of ...
by joe shikspack 38 comments 24 Recs
Ferguson: Press & Protestors Arrested; But Police Give Way As Oathkeeper Militia Turns Up With Guns
It is often difficult to express to people what creates a situation of White Privilege. Last night, in Ferguson, however, the Oathkeeper militia took to the streets as police pulled back and ...
by Chris Reeves 146 comments 220 Recs

No current results.


Unpublish Diary (The diary will be removed from the site and returned to your drafts for further editing.)
Delete Diary (The diary will be removed.)

Daily Kos

News, Community, Action